From fbf375c6909fd22367b6ba28e6c453263ebcc30c Mon Sep 17 00:00:00 2001 From: sebhoss Date: Fri, 9 Aug 2024 10:09:16 +0000 Subject: [PATCH] Update upstream specifications to their latest version --- .../camel-k/camel.apache.org/v1/builds.yaml | 126 +- .../camel.apache.org/v1/camelcatalogs.yaml | 10 +- .../camel.apache.org/v1/integrationkits.yaml | 52 +- .../v1/integrationplatforms.yaml | 552 +- .../v1/integrationprofiles.yaml | 540 +- .../camel.apache.org/v1/integrations.yaml | 1369 +-- .../camel-k/camel.apache.org/v1/kamelets.yaml | 42 +- .../camel-k/camel.apache.org/v1/pipes.yaml | 1391 +-- .../v1alpha1/kameletbindings.yaml | 1425 +-- .../camel.apache.org/v1alpha1/kamelets.yaml | 40 +- .../v1beta1/flinkdeployments.yaml | 18 + .../v1beta1/flinksessionjobs.yaml | 18 + .../v1alpha1/backuppolicytemplates.yaml | 116 +- .../v1alpha1/clusterdefinitions.yaml | 5824 ------------ .../apps.kubeblocks.io/v1alpha1/clusters.yaml | 614 +- .../v1alpha1/componentdefinitions.yaml | 185 +- .../v1alpha1/components.yaml | 278 +- .../v1alpha1/opsdefinitions.yaml | 183 +- .../v1alpha1/opsrequests.yaml | 290 +- .../v1alpha1/backuppolicies.yaml | 124 + .../v1alpha1/backups.yaml | 124 + .../v1alpha1/restores.yaml | 123 +- .../v1alpha1/instancesets.yaml | 377 +- .../certificateauthorityactivations.yaml | 2 + .../v1alpha1/certificates.yaml | 4 + .../v1alpha1/authorizers.yaml | 2 + .../v1alpha1/deployments.yaml | 2 + .../v1alpha1/integrations.yaml | 4 + .../v1alpha1/routes.yaml | 6 + .../v1alpha1/stages.yaml | 4 + .../v1alpha1/distributions.yaml | 2 + .../v1alpha1/loggroups.yaml | 2 + .../v1alpha1/dbclusters.yaml | 6 + .../v1alpha1/dbinstances.yaml | 2 + .../v1alpha1/dbsubnetgroups.yaml | 2 + .../v1alpha1/dhcpoptions.yaml | 2 + .../v1alpha1/internetgateways.yaml | 4 + .../v1alpha1/natgateways.yaml | 4 + .../v1alpha1/routetables.yaml | 12 + .../v1alpha1/securitygroups.yaml | 10 + .../v1alpha1/subnets.yaml | 4 + .../v1alpha1/vpcendpoints.yaml | 8 + .../v1alpha1/accesspoints.yaml | 2 + .../v1alpha1/filesystems.yaml | 2 + .../v1alpha1/mounttargets.yaml | 6 + .../eks.services.k8s.aws/v1alpha1/addons.yaml | 4 + .../v1alpha1/clusters.yaml | 8 + .../v1alpha1/fargateprofiles.yaml | 6 + .../v1alpha1/nodegroups.yaml | 8 + .../v1alpha1/jobruns.yaml | 2 + .../v1alpha1/clusters.yaml | 2 + .../v1alpha1/aliases.yaml | 2 + .../kms.services.k8s.aws/v1alpha1/grants.yaml | 2 + .../v1alpha1/acls.yaml | 2 + .../v1alpha1/clusters.yaml | 12 + .../v1alpha1/snapshots.yaml | 4 + .../v1alpha1/subnetgroups.yaml | 2 + .../mq.services.k8s.aws/v1alpha1/brokers.yaml | 4 + .../v1alpha1/firewalls.yaml | 4 +- .../v1alpha1/domains.yaml | 169 +- .../v1alpha1/alertmanagerdefinitions.yaml | 2 + .../v1alpha1/loggingconfigurations.yaml | 2 + .../v1alpha1/rulegroupsnamespaces.yaml | 2 + .../v1alpha1/dbclusters.yaml | 10 + .../v1alpha1/dbinstances.yaml | 10 + .../v1alpha1/dbsubnetgroups.yaml | 2 + .../v1alpha1/recordsets.yaml | 2 + .../v1alpha1/resolverendpoints.yaml | 4 + .../v1alpha1/platformapplications.yaml | 10 + .../v1alpha1/platformendpoints.yaml | 2 - .../v1alpha1/subscriptions.yaml | 2 + .../sns.services.k8s.aws/v1alpha1/topics.yaml | 4 + .../sqs.services.k8s.aws/v1alpha1/queues.yaml | 4 + .../v1alpha1/bundles.yaml | 60 + .../karpenter.k8s.aws/v1/ec2nodeclasses.yaml | 6 +- .../karpenter.sh/v1/nodeclaims.yaml | 1 + .../karpenter.sh/v1/nodepools.yaml | 3 +- .../karpenter.sh/v1beta1/nodeclaims.yaml | 2 + .../karpenter.sh/v1beta1/nodepools.yaml | 14 +- .../acme.cert-manager.io/v1/challenges.yaml | 766 ++ .../cert-manager.io/v1/clusterissuers.yaml | 766 ++ .../cert-manager.io/v1/issuers.yaml | 766 ++ .../org.eclipse.che/v2/checlusters.yaml | 6 +- .../v1beta1/clustersecretstores.yaml | 112 + .../v1beta1/secretstores.yaml | 112 + .../v1alpha1/alluxioruntimes.yaml | 77 + .../v1beta2/buckets.yaml | 21 + .../jaegertracing.io/v1/jaegers.yaml | 2 +- .../v1alpha1/clusterpropagationpolicies.yaml | 20 + .../v1alpha1/propagationpolicies.yaml | 20 + .../work.karmada.io/v1alpha1/works.yaml | 3 + .../v1alpha2/clusterresourcebindings.yaml | 20 + .../v1alpha2/resourcebindings.yaml | 20 + .../clustertriggerauthentications.yaml | 2 +- .../keda/keda.sh/v1alpha1/scaledjobs.yaml | 2 +- .../keda/keda.sh/v1alpha1/scaledobjects.yaml | 2 +- .../v1alpha1/triggerauthentications.yaml | 2 +- .../v1beta1/syslogngclusteroutputs.yaml | 171 + .../v1beta1/syslogngoutputs.yaml | 171 + .../v1/httproutes.yaml | 6 +- .../v1beta1/httproutes.yaml | 6 +- .../jobset.x-k8s.io/v1alpha2/jobsets.yaml | 346 +- .../kyverno.io/v1/clusterpolicies.yaml | 25 +- .../kyverno/kyverno.io/v1/policies.yaml | 25 +- .../kyverno.io/v1beta1/updaterequests.yaml | 2 +- .../kyverno.io/v2/cleanuppolicies.yaml | 2 +- .../kyverno.io/v2/clustercleanuppolicies.yaml | 2 +- .../kyverno.io/v2/policyexceptions.yaml | 2 +- .../kyverno/kyverno.io/v2/updaterequests.yaml | 2 +- .../v2alpha1/globalcontextentries.yaml | 2 +- .../kyverno.io/v2beta1/cleanuppolicies.yaml | 2 +- .../v2beta1/clustercleanuppolicies.yaml | 2 +- .../kyverno.io/v2beta1/clusterpolicies.yaml | 25 +- .../kyverno/kyverno.io/v2beta1/policies.yaml | 25 +- .../kyverno.io/v2beta1/policyexceptions.yaml | 2 +- .../v1/clusterephemeralreports.yaml | 2 +- .../v1/ephemeralreports.yaml | 2 +- .../k8s.mariadb.com/v1alpha1/mariadbs.yaml | 11 +- .../k8s.mariadb.com/v1alpha1/maxscales.yaml | 13 +- .../metal3.io/v1alpha1/baremetalhosts.yaml | 3 +- .../operator/minio.min.io/v2/tenants.yaml | 2 +- .../sts.min.io/v1alpha1/policybindings.yaml | 2 +- .../sts.min.io/v1beta1/policybindings.yaml | 2 +- .../v1beta1/flowcollectors.yaml | 14 + .../v1beta2/flowcollectors.yaml | 14 + .../k8s.nginx.org/v1/policies.yaml | 4 + .../v1/clusterdeploymentcustomizations.yaml | 6 +- .../v1/clusterdeployments.yaml | 78 +- .../v1/clusterdeprovisions.yaml | 30 +- .../hive.openshift.io/v1/clusterpools.yaml | 47 +- .../v1/clusterprovisions.yaml | 12 +- .../v1/clusterrelocates.yaml | 2 + .../hive/hive.openshift.io/v1/dnszones.yaml | 9 +- .../hive.openshift.io/v1/hiveconfigs.yaml | 30 +- .../hive.openshift.io/v1/machinepools.yaml | 3 +- .../v1/selectorsyncidentityproviders.yaml | 2 + .../v1/selectorsyncsets.yaml | 2 + .../v1/syncidentityproviders.yaml | 3 +- .../hive/hive.openshift.io/v1/syncsets.yaml | 3 +- .../v1alpha1/clustersyncs.yaml | 3 + .../v1alpha1/fakeclusterinstalls.yaml | 8 +- .../v1/alertmanagers.yaml | 159 + .../monitoring.coreos.com/v1/podmonitors.yaml | 152 + .../monitoring.coreos.com/v1/probes.yaml | 152 + .../v1/prometheuses.yaml | 308 +- .../v1/servicemonitors.yaml | 152 + .../v1alpha1/alertmanagerconfigs.yaml | 1890 +++- .../v1alpha1/prometheusagents.yaml | 154 +- .../v1alpha1/scrapeconfigs.yaml | 2144 ++++- .../v1beta1/alertmanagerconfigs.yaml | 1890 +++- .../ceph.rook.io/v1/cephobjectstores.yaml | 69 + .../v1alpha4/databases.yaml | 12 +- .../v1alpha4/datatypes.yaml | 12 +- .../v1alpha4/migrations.yaml | 12 +- .../v1alpha4/tables.yaml | 14 +- .../gloo/gateway.solo.io/v1/gateways.yaml | 6 + .../gloo/gateway.solo.io/v1/httpgateways.yaml | 3 + .../gloo/gloo.solo.io/v1/upstreams.yaml | 9 + .../traefik.io/v1alpha1/middlewares.yaml | 7 +- .../src/acme_cert_manager_io/v1/challenges.rs | 1328 ++- .../certificateauthorityactivations.rs | 2 + .../v1alpha1/certificates.rs | 4 + .../v1alpha1/bundles.rs | 72 + .../v1alpha1/authorizers.rs | 2 + .../v1alpha1/deployments.rs | 2 + .../v1alpha1/routes.rs | 6 + .../v1alpha1/stages.rs | 4 + .../v1alpha1/backuppolicytemplates.rs | 148 +- .../v1alpha1/clusterdefinitions.rs | 8206 ----------------- .../apps_kubeblocks_io/v1alpha1/clusters.rs | 1090 ++- .../v1alpha1/componentdefinitions.rs | 287 +- .../apps_kubeblocks_io/v1alpha1/components.rs | 492 +- .../v1alpha1/opsdefinitions.rs | 285 +- .../v1alpha1/opsrequests.rs | 508 +- .../src/camel_apache_org/v1/builds.rs | 214 +- .../src/camel_apache_org/v1/kamelets.rs | 120 +- .../src/camel_apache_org/v1alpha1/kamelets.rs | 117 +- .../src/ceph_rook_io/v1/cephobjectstores.rs | 72 + .../src/cert_manager_io/v1/clusterissuers.rs | 1328 ++- .../src/cert_manager_io/v1/issuers.rs | 1328 ++- .../v1alpha1/distributions.rs | 2 + .../v1alpha1/loggroups.rs | 2 + .../data_fluid_io/v1alpha1/alluxioruntimes.rs | 98 + .../v1alpha1/backuppolicies.rs | 140 + .../v1alpha1/backups.rs | 140 + .../v1alpha1/restores.rs | 199 +- .../v1alpha1/dbclusters.rs | 6 + .../v1alpha1/dbinstances.rs | 2 + .../v1alpha1/dbsubnetgroups.rs | 2 + .../v1alpha1/dhcpoptions.rs | 2 + .../v1alpha1/internetgateways.rs | 4 + .../v1alpha1/natgateways.rs | 4 + .../v1alpha1/routetables.rs | 12 + .../v1alpha1/securitygroups.rs | 10 + .../ec2_services_k8s_aws/v1alpha1/subnets.rs | 4 + .../v1alpha1/vpcendpoints.rs | 8 + .../v1alpha1/accesspoints.rs | 2 + .../v1alpha1/filesystems.rs | 2 + .../v1alpha1/mounttargets.rs | 6 + .../eks_services_k8s_aws/v1alpha1/addons.rs | 4 + .../eks_services_k8s_aws/v1alpha1/clusters.rs | 8 + .../v1alpha1/fargateprofiles.rs | 6 + .../v1alpha1/nodegroups.rs | 8 + .../v1alpha1/jobruns.rs | 2 + .../v1beta1/clustersecretstores.rs | 151 + .../v1beta1/secretstores.rs | 151 + .../v1beta1/flinkdeployments.rs | 24 + .../v1beta1/flinksessionjobs.rs | 24 + .../v1beta1/flowcollectors.rs | 28 + .../v1beta2/flowcollectors.rs | 28 + .../v1/httproutes.rs | 15 +- .../v1beta1/httproutes.rs | 15 +- .../v1/clusterdeploymentcustomizations.rs | 4 +- .../v1/clusterdeployments.rs | 48 +- .../v1/clusterdeprovisions.rs | 20 +- .../src/hive_openshift_io/v1/clusterpools.rs | 30 +- .../hive_openshift_io/v1/clusterprovisions.rs | 8 +- .../src/hive_openshift_io/v1/dnszones.rs | 6 +- .../src/hive_openshift_io/v1/hiveconfigs.rs | 20 +- .../src/hive_openshift_io/v1/machinepools.rs | 2 +- .../v1/syncidentityproviders.rs | 2 +- .../v1alpha1/fakeclusterinstalls.rs | 6 +- .../src/jobset_x_k8s_io/v1alpha2/jobsets.rs | 465 +- .../src/k8s_mariadb_com/v1alpha1/mariadbs.rs | 12 +- .../src/k8s_mariadb_com/v1alpha1/maxscales.rs | 13 +- .../src/k8s_nginx_org/v1/policies.rs | 4 + .../v1alpha1/clusters.rs | 2 + .../src/karpenter_sh/v1/nodepools.rs | 8 +- .../src/karpenter_sh/v1beta1/nodepools.rs | 5 - .../kms_services_k8s_aws/v1alpha1/aliases.rs | 2 + .../kms_services_k8s_aws/v1alpha1/grants.rs | 2 + .../src/kyverno_io/v1/clusterpolicies.rs | 44 +- .../src/kyverno_io/v1/policies.rs | 44 +- .../src/kyverno_io/v2beta1/clusterpolicies.rs | 44 +- .../src/kyverno_io/v2beta1/policies.rs | 44 +- .../v1beta1/syslogngclusteroutputs.rs | 193 + .../v1beta1/syslogngoutputs.rs | 193 + .../v1alpha1/acls.rs | 2 + .../v1alpha1/clusters.rs | 12 + .../v1alpha1/snapshots.rs | 4 + .../v1alpha1/subnetgroups.rs | 2 + .../monitoring_coreos_com/v1/alertmanagers.rs | 232 + .../monitoring_coreos_com/v1/podmonitors.rs | 229 + .../src/monitoring_coreos_com/v1/probes.rs | 229 + .../monitoring_coreos_com/v1/prometheuses.rs | 465 +- .../v1/servicemonitors.rs | 229 + .../v1alpha1/alertmanagerconfigs.rs | 3532 ++++++- .../v1alpha1/prometheusagents.rs | 234 +- .../v1alpha1/scrapeconfigs.rs | 3769 +++++++- .../v1beta1/alertmanagerconfigs.rs | 3540 ++++++- .../mq_services_k8s_aws/v1alpha1/brokers.rs | 4 + .../v1alpha1/firewalls.rs | 8 +- .../v1alpha1/domains.rs | 395 +- .../src/org_eclipse_che/v2/checlusters.rs | 6 +- .../v1alpha1/clusterpropagationpolicies.rs | 44 +- .../v1alpha1/propagationpolicies.rs | 44 +- .../v1alpha1/alertmanagerdefinitions.rs | 2 + .../v1alpha1/loggingconfigurations.rs | 2 + .../v1alpha1/rulegroupsnamespaces.rs | 2 + .../v1alpha1/dbclusters.rs | 10 + .../v1alpha1/dbinstances.rs | 10 + .../v1alpha1/dbsubnetgroups.rs | 2 + .../v1alpha1/recordsets.rs | 2 + .../v1alpha1/resolverendpoints.rs | 4 + .../schemas_schemahero_io/v1alpha4/tables.rs | 5 +- .../v1alpha1/platformapplications.rs | 10 + .../v1alpha1/platformendpoints.rs | 8 - .../v1alpha1/subscriptions.rs | 2 + .../sns_services_k8s_aws/v1alpha1/topics.rs | 4 + .../v1beta2/buckets.rs | 35 + .../sqs_services_k8s_aws/v1alpha1/queues.rs | 4 + .../v1alpha2/clusterresourcebindings.rs | 44 +- .../v1alpha2/resourcebindings.rs | 44 +- .../v1alpha1/instancesets.rs | 650 +- 274 files changed, 36874 insertions(+), 20166 deletions(-) diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml index 894e2e9ef..0e737c2d8 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/builds.yaml @@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" - labels: - app: "camel-k" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "builds.camel.apache.org" spec: group: "camel.apache.org" @@ -47,18 +45,18 @@ spec: description: "Build is the Schema for the builds API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" spec: - description: "BuildSpec defines the list of tasks to be execute for a Build. From Camel K version 2, it would be more appropriate to think it as pipeline." + description: "BuildSpec defines the list of tasks to be execute for a Build. From Camel K version 2, it would be more appropriate\nto think it as pipeline." properties: configuration: - description: "The configuration that should be used to perform the Build. Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility" + description: "The configuration that should be used to perform the Build.\nDeprecated: no longer in use in Camel K 2 - maintained for backward compatibility" properties: annotations: additionalProperties: @@ -108,11 +106,11 @@ spec: type: "string" type: "object" maxRunningBuilds: - description: "the maximum amount of parallel running builds started by this operator instance Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility" + description: "the maximum amount of parallel running builds started by this operator instance\nDeprecated: no longer in use in Camel K 2 - maintained for backward compatibility" format: "int32" type: "integer" operatorNamespace: - description: "The namespace where to run the builder Pod (must be the same of the operator in charge of this Build reconciliation). Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility" + description: "The namespace where to run the builder Pod (must be the same of the operator in charge of this Build reconciliation).\nDeprecated: no longer in use in Camel K 2 - maintained for backward compatibility" type: "string" tasks: description: "The sequence of tasks (pipeline) to be performed." @@ -120,7 +118,7 @@ spec: description: "Task represents the abstract task. Only one of the task should be configured to represent the specific task chosen." properties: buildah: - description: "a BuildahTask, for Buildah strategy Deprecated: use jib, s2i or a custom publishing strategy instead" + description: "a BuildahTask, for Buildah strategy\nDeprecated: use jib, s2i or a custom publishing strategy instead" properties: baseImage: description: "base image layer" @@ -281,7 +279,7 @@ spec: description: "the configuration required by Maven for the application build phase" properties: caSecrets: - description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore." + description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore." items: description: "SecretKeySelector selects a key of a Secret." properties: @@ -289,7 +287,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -297,14 +295,15 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "array" cliOptions: - description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." + description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." items: type: "string" type: "array" extension: - description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html." + description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html." items: description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact." properties: @@ -332,7 +331,7 @@ spec: description: "The path of the local Maven repository." type: "string" profiles: - description: "A reference to the ConfigMap or Secret key that contains the Maven profile." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile." items: description: "ValueSource --." properties: @@ -343,7 +342,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -351,6 +350,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -358,7 +358,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -366,6 +366,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" properties: @@ -388,13 +389,13 @@ spec: description: "can use stable releases" properties: checksumPolicy: - description: "When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums." + description: "When Maven deploys files to the repository, it also deploys corresponding checksum files.\nYour options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums." type: "string" enabled: description: "is the policy activated or not" type: "boolean" updatePolicy: - description: "This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`" + description: "This element specifies how often updates should attempt to occur.\nMaven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.\nThe choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`" type: "string" required: - "enabled" @@ -403,13 +404,13 @@ spec: description: "can use snapshot" properties: checksumPolicy: - description: "When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums." + description: "When Maven deploys files to the repository, it also deploys corresponding checksum files.\nYour options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums." type: "string" enabled: description: "is the policy activated or not" type: "boolean" updatePolicy: - description: "This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`" + description: "This element specifies how often updates should attempt to occur.\nMaven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.\nThe choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`" type: "string" required: - "enabled" @@ -441,7 +442,7 @@ spec: type: "object" type: "array" settings: - description: "A reference to the ConfigMap or Secret key that contains the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -450,7 +451,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -458,6 +459,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -465,7 +467,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -473,9 +475,10 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" settingsSecurity: - description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -484,7 +487,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -492,6 +495,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -499,7 +503,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -507,6 +511,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "object" name: @@ -520,7 +525,7 @@ spec: type: "string" capabilities: additionalProperties: - description: "Capability is a particular feature which requires a well known set of dependencies and other properties which are specified in the runtime catalog." + description: "Capability is a particular feature which requires a well known set of dependencies and other properties\nwhich are specified in the runtime catalog." properties: buildTimeProperties: description: "Set of required Camel build time properties" @@ -647,7 +652,7 @@ spec: description: "True if the spec is generated from a Kamelet" type: "boolean" interceptors: - description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources" + description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources" items: type: "string" type: "array" @@ -655,7 +660,7 @@ spec: description: "specify which is the language (Camel DSL) used to interpret this source code" type: "string" loader: - description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime" + description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime" type: "string" name: description: "the name of the specification" @@ -687,7 +692,7 @@ spec: description: "User customizable task execution. These are executed after the build and before the package task." properties: command: - description: "the command to execute Deprecated: use ContainerCommands" + description: "the command to execute\nDeprecated: use ContainerCommands" type: "string" commands: description: "the command to execute" @@ -844,7 +849,7 @@ spec: type: "object" type: "object" kaniko: - description: "a KanikoTask, for Kaniko strategy Deprecated: use jib, s2i or a custom publishing strategy instead" + description: "a KanikoTask, for Kaniko strategy\nDeprecated: use jib, s2i or a custom publishing strategy instead" properties: baseImage: description: "base image layer" @@ -945,7 +950,7 @@ spec: type: "boolean" type: "object" package: - description: "Application pre publishing a PackageTask, used to package the project" + description: "Application pre publishing\na PackageTask, used to package the project" properties: baseImage: description: "the base image layer" @@ -1012,7 +1017,7 @@ spec: description: "the configuration required by Maven for the application build phase" properties: caSecrets: - description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore." + description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore." items: description: "SecretKeySelector selects a key of a Secret." properties: @@ -1020,7 +1025,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1028,14 +1033,15 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "array" cliOptions: - description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." + description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." items: type: "string" type: "array" extension: - description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html." + description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html." items: description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact." properties: @@ -1063,7 +1069,7 @@ spec: description: "The path of the local Maven repository." type: "string" profiles: - description: "A reference to the ConfigMap or Secret key that contains the Maven profile." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile." items: description: "ValueSource --." properties: @@ -1074,7 +1080,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1082,6 +1088,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -1089,7 +1096,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1097,6 +1104,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" properties: @@ -1119,13 +1127,13 @@ spec: description: "can use stable releases" properties: checksumPolicy: - description: "When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums." + description: "When Maven deploys files to the repository, it also deploys corresponding checksum files.\nYour options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums." type: "string" enabled: description: "is the policy activated or not" type: "boolean" updatePolicy: - description: "This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`" + description: "This element specifies how often updates should attempt to occur.\nMaven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.\nThe choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`" type: "string" required: - "enabled" @@ -1134,13 +1142,13 @@ spec: description: "can use snapshot" properties: checksumPolicy: - description: "When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums." + description: "When Maven deploys files to the repository, it also deploys corresponding checksum files.\nYour options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums." type: "string" enabled: description: "is the policy activated or not" type: "boolean" updatePolicy: - description: "This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`" + description: "This element specifies how often updates should attempt to occur.\nMaven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote.\nThe choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never`" type: "string" required: - "enabled" @@ -1172,7 +1180,7 @@ spec: type: "object" type: "array" settings: - description: "A reference to the ConfigMap or Secret key that contains the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -1181,7 +1189,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1189,6 +1197,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -1196,7 +1205,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1204,9 +1213,10 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" settingsSecurity: - description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -1215,7 +1225,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1223,6 +1233,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -1230,7 +1241,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1238,6 +1249,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "object" name: @@ -1251,7 +1263,7 @@ spec: type: "string" capabilities: additionalProperties: - description: "Capability is a particular feature which requires a well known set of dependencies and other properties which are specified in the runtime catalog." + description: "Capability is a particular feature which requires a well known set of dependencies and other properties\nwhich are specified in the runtime catalog." properties: buildTimeProperties: description: "Set of required Camel build time properties" @@ -1378,7 +1390,7 @@ spec: description: "True if the spec is generated from a Kamelet" type: "boolean" interceptors: - description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources" + description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources" items: type: "string" type: "array" @@ -1386,7 +1398,7 @@ spec: description: "specify which is the language (Camel DSL) used to interpret this source code" type: "string" loader: - description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime" + description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime" type: "string" name: description: "the name of the specification" @@ -1503,7 +1515,7 @@ spec: type: "string" type: "object" spectrum: - description: "a SpectrumTask, for Spectrum strategy Deprecated: use jib, s2i or a custom publishing strategy instead" + description: "a SpectrumTask, for Spectrum strategy\nDeprecated: use jib, s2i or a custom publishing strategy instead" properties: baseImage: description: "base image layer" @@ -1590,11 +1602,11 @@ spec: type: "object" type: "array" timeout: - description: "Timeout defines the Build maximum execution duration. The Build deadline is set to the Build start time plus the Timeout duration. If the Build deadline is exceeded, the Build context is canceled, and its phase set to BuildPhaseFailed." + description: "Timeout defines the Build maximum execution duration.\nThe Build deadline is set to the Build start time plus the Timeout duration.\nIf the Build deadline is exceeded, the Build context is canceled,\nand its phase set to BuildPhaseFailed." format: "duration" type: "string" toolImage: - description: "The container image to be used to run the build. Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility" + description: "The container image to be used to run the build.\nDeprecated: no longer in use in Camel K 2 - maintained for backward compatibility" type: "string" type: "object" status: @@ -1658,7 +1670,7 @@ spec: description: "the digest from image" type: "string" duration: - description: "how long it took for the build Change to Duration / ISO 8601 when CRD uses OpenAPI spec v3 https://github.com/OAI/OpenAPI-Specification/issues/845" + description: "how long it took for the build\nChange to Duration / ISO 8601 when CRD uses OpenAPI spec v3\nhttps://github.com/OAI/OpenAPI-Specification/issues/845" type: "string" error: description: "the error description (if any)" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/camelcatalogs.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/camelcatalogs.yaml index 7fcf5eb05..cf368e92e 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/camelcatalogs.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/camelcatalogs.yaml @@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" - labels: - app: "camel-k" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "camelcatalogs.camel.apache.org" spec: group: "camel.apache.org" @@ -43,10 +41,10 @@ spec: description: "CamelCatalog represents the languages, components, data formats and capabilities enabled on a given runtime provider. The catalog may be statically generated." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -328,7 +326,7 @@ spec: type: "string" capabilities: additionalProperties: - description: "Capability is a particular feature which requires a well known set of dependencies and other properties which are specified in the runtime catalog." + description: "Capability is a particular feature which requires a well known set of dependencies and other properties\nwhich are specified in the runtime catalog." properties: buildTimeProperties: description: "Set of required Camel build time properties" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml index dfd6431a1..5ac442b98 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationkits.yaml @@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" - labels: - app: "camel-k" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "integrationkits.camel.apache.org" spec: group: "camel.apache.org" @@ -48,13 +46,13 @@ spec: name: "v1" schema: openAPIV3Schema: - description: "IntegrationKit defines a container image and additional configuration needed to run an `Integration`. An `IntegrationKit` is a generic image generally built from the requirements of an `Integration`, but agnostic to it, in order to be reused by any other `Integration` which has the same required set of capabilities. An `IntegrationKit` may be used for other kits as a base container layer, when the `incremental` build option is enabled." + description: "IntegrationKit defines a container image and additional configuration needed to run an `Integration`.\nAn `IntegrationKit` is a generic image generally built from the requirements of an `Integration`, but agnostic to it,\nin order to be reused by any other `Integration` which has the same required set of capabilities. An `IntegrationKit`\nmay be used for other kits as a base container layer, when the `incremental` build option is enabled." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -67,7 +65,7 @@ spec: type: "string" type: "array" configuration: - description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes configuration used by the kit" + description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes\nconfiguration used by the kit" items: description: "ConfigurationSpec represents a generic configuration specification." properties: @@ -122,7 +120,7 @@ spec: description: "True if the spec is generated from a Kamelet" type: "boolean" interceptors: - description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources" + description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources" items: type: "string" type: "array" @@ -130,7 +128,7 @@ spec: description: "specify which is the language (Camel DSL) used to interpret this source code" type: "string" loader: - description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime" + description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime" type: "string" name: description: "the name of the specification" @@ -171,10 +169,10 @@ spec: description: "When using `pod` strategy, annotation to use for the builder pod." type: "object" baseImage: - description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)." + description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -184,13 +182,13 @@ spec: description: "Use the incremental image build option, to reuse existing containers (default `true`)" type: "boolean" limitCPU: - description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" limitMemory: - description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" mavenProfiles: - description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." + description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." items: type: "string" type: "array" @@ -217,10 +215,10 @@ spec: type: "string" type: "array" requestCPU: - description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" requestMemory: - description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" strategy: description: "The strategy to use, either `pod` or `routine` (default `routine`)" @@ -234,7 +232,7 @@ spec: type: "string" type: "array" tasksFilter: - description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy." + description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy." type: "string" tasksLimitCPU: description: "A list of limit cpu configuration for the specific task with format `:`." @@ -257,14 +255,14 @@ spec: type: "string" type: "array" verbose: - description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use" + description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use" type: "boolean" type: "object" camel: description: "The Camel trait sets up Camel configuration." properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -276,14 +274,14 @@ spec: type: "string" type: "array" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster." + description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." type: "string" type: "object" quarkus: - description: "The Quarkus trait configures the Quarkus runtime. It's enabled by default. NOTE: Compiling to a native executable, requires at least 4GiB of memory, so the Pod running the native build must have enough memory available." + description: "The Quarkus trait configures the Quarkus runtime.\nIt's enabled by default.\nNOTE: Compiling to a native executable, requires at least 4GiB of memory, so the Pod running the native build must have enough memory available." properties: buildMode: - description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready." + description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready." items: description: "QuarkusMode is the type of Quarkus build packaging." enum: @@ -292,7 +290,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -305,9 +303,9 @@ spec: description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)" type: "string" packageTypes: - description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead." + description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead." items: - description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead." + description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead." enum: - "fast-jar" - "native" @@ -315,10 +313,10 @@ spec: type: "array" type: "object" registry: - description: "The Registry trait sets up Maven to use the Image registry as a Maven repository. Deprecated: use jvm trait or read documentation." + description: "The Registry trait sets up Maven to use the Image registry as a Maven repository (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation." properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml index 88680ea85..e74ebd07c 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationplatforms.yaml @@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" - labels: - app: "camel-k" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "integrationplatforms.camel.apache.org" spec: group: "camel.apache.org" @@ -44,13 +42,13 @@ spec: name: "v1" schema: openAPIV3Schema: - description: "IntegrationPlatform is the resource used to drive the Camel K operator behavior. It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace. When the Camel K operator is installed in `global` mode, you will need to specify an `IntegrationPlatform` in each namespace where you want the Camel K operator to be executed." + description: "IntegrationPlatform is the resource used to drive the Camel K operator behavior.\nIt defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace.\nWhen the Camel K operator is installed in `global` mode,\nyou will need to specify an `IntegrationPlatform` in each namespace where you want the Camel K operator to be executed." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -66,10 +64,10 @@ spec: description: "Generic options that can used by any publish strategy" type: "object" baseImage: - description: "a base image that can be used as base layer for all images. It can be useful if you want to provide some custom base image with further utility software" + description: "a base image that can be used as base layer for all images.\nIt can be useful if you want to provide some custom base image with further utility software" type: "string" buildCatalogToolTimeout: - description: "the timeout (in seconds) to use when creating the build tools container image Deprecated: no longer in use" + description: "the timeout (in seconds) to use when creating the build tools container image\nDeprecated: no longer in use" type: "string" buildConfiguration: description: "the configuration required to build an Integration container image" @@ -125,7 +123,7 @@ spec: description: "Maven configuration used to build the Camel/Camel-Quarkus applications" properties: caSecrets: - description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore." + description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore." items: description: "SecretKeySelector selects a key of a Secret." properties: @@ -133,7 +131,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -141,14 +139,15 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "array" cliOptions: - description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." + description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." items: type: "string" type: "array" extension: - description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html." + description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html." items: description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact." properties: @@ -176,7 +175,7 @@ spec: description: "The path of the local Maven repository." type: "string" profiles: - description: "A reference to the ConfigMap or Secret key that contains the Maven profile." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile." items: description: "ValueSource --." properties: @@ -187,7 +186,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -195,6 +194,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -202,7 +202,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -210,6 +210,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" properties: @@ -218,7 +219,7 @@ spec: description: "The Maven properties." type: "object" settings: - description: "A reference to the ConfigMap or Secret key that contains the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -227,7 +228,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -235,6 +236,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -242,7 +244,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -250,9 +252,10 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" settingsSecurity: - description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -261,7 +264,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -269,6 +272,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -276,7 +280,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -284,6 +288,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "object" maxRunningBuilds: @@ -326,7 +331,7 @@ spec: description: "what kind of cluster you're running (ie, plain Kubernetes or OpenShift)" type: "string" configuration: - description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform" + description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes\nlist of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform" items: description: "ConfigurationSpec represents a generic configuration specification." properties: @@ -356,7 +361,7 @@ spec: type: "array" type: "object" profile: - description: "the profile you wish to use. It will apply certain traits which are required by the specific profile chosen. It usually relates the Cluster with the optional definition of special profiles (ie, Knative)" + description: "the profile you wish to use. It will apply certain traits which are required by the specific profile chosen.\nIt usually relates the Cluster with the optional definition of special profiles (ie, Knative)" type: "string" traits: description: "list of traits to be executed for all the Integration/IntegrationKits built from this IntegrationPlatform" @@ -382,7 +387,7 @@ spec: description: "The configuration of Affinity trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -397,7 +402,7 @@ spec: description: "Always co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with." items: type: "string" type: "array" @@ -405,7 +410,7 @@ spec: description: "Never co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAntiAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with." items: type: "string" type: "array" @@ -419,10 +424,10 @@ spec: description: "When using `pod` strategy, annotation to use for the builder pod." type: "object" baseImage: - description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)." + description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -432,13 +437,13 @@ spec: description: "Use the incremental image build option, to reuse existing containers (default `true`)" type: "boolean" limitCPU: - description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" limitMemory: - description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" mavenProfiles: - description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." + description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." items: type: "string" type: "array" @@ -465,10 +470,10 @@ spec: type: "string" type: "array" requestCPU: - description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" requestMemory: - description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" strategy: description: "The strategy to use, either `pod` or `routine` (default `routine`)" @@ -482,7 +487,7 @@ spec: type: "string" type: "array" tasksFilter: - description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy." + description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy." type: "string" tasksLimitCPU: description: "A list of limit cpu configuration for the specific task with format `:`." @@ -505,14 +510,14 @@ spec: type: "string" type: "array" verbose: - description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use" + description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use" type: "boolean" type: "object" camel: description: "The configuration of Camel trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -524,7 +529,7 @@ spec: type: "string" type: "array" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster." + description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." type: "string" type: "object" container: @@ -549,7 +554,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -559,7 +564,7 @@ spec: description: "Can be used to enable/disable exposure via kubernetes Service." type: "boolean" image: - description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." + description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." type: "string" imagePullPolicy: description: "The pull policy: Always|Never|IfNotPresent" @@ -613,41 +618,41 @@ spec: description: "The configuration of Cron trait" properties: activeDeadlineSeconds: - description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s." + description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s." format: "int64" type: "integer" auto: - description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)." + description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)." type: "boolean" backoffLimit: - description: "Specifies the number of retries before marking the job failed. It defaults to 2." + description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2." format: "int32" type: "integer" components: - description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`." + description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`." type: "string" concurrencyPolicy: - description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one" + description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one" enum: - "Allow" - "Forbid" - "Replace" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" fallback: - description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob." + description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob." type: "boolean" schedule: - description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly." + description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly." type: "string" startingDeadlineSeconds: - description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones." + description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones." format: "int64" type: "integer" timeZone: @@ -658,7 +663,7 @@ spec: description: "The configuration of Dependencies trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -669,7 +674,7 @@ spec: description: "The configuration of Deployer trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -683,34 +688,34 @@ spec: - "knative-service" type: "string" useSSA: - description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." + description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." type: "boolean" type: "object" deployment: description: "The configuration of Deployment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Deprecated: no longer in use." type: "boolean" progressDeadlineSeconds: - description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`." + description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`." format: "int32" type: "integer" rollingUpdateMaxSurge: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`." + description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`." x-kubernetes-int-or-string: true rollingUpdateMaxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`." x-kubernetes-int-or-string: true strategy: description: "The deployment strategy to use to replace existing pods with new ones." @@ -723,7 +728,7 @@ spec: description: "The configuration of Environment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true containerMeta: @@ -736,7 +741,7 @@ spec: description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)" type: "boolean" vars: - description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables." + description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables." items: type: "string" type: "array" @@ -745,7 +750,7 @@ spec: description: "The configuration of Error Handler trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -759,11 +764,11 @@ spec: description: "The configuration of GC trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." enum: - "disabled" - "disk" @@ -777,7 +782,7 @@ spec: description: "The configuration of Health trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -877,13 +882,13 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" + description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" type: "object" auto: description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -896,7 +901,7 @@ spec: description: "To configure the path exposed by the ingress (default `/`)." type: "string" pathType: - description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." + description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." enum: - "Exact" - "Prefix" @@ -918,7 +923,7 @@ spec: description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -932,15 +937,15 @@ spec: description: "The configuration of Jolokia trait" properties: CACert: - description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." + description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." type: "string" clientPrincipal: - description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." + description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryEnabled: @@ -950,13 +955,13 @@ spec: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" extendedClientCheck: - description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)." + description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)." type: "boolean" host: - description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)." + description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)." type: "string" options: - description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" + description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" items: type: "string" type: "array" @@ -983,7 +988,7 @@ spec: description: "Additional JVM classpath (use `Linux` classpath separator)" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true debug: @@ -1007,7 +1012,7 @@ spec: type: "string" type: "array" printCommand: - description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use." + description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use." type: "boolean" type: "object" kamelets: @@ -1017,7 +1022,7 @@ spec: description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1047,12 +1052,12 @@ spec: description: "Enable automatic discovery of all trait properties." type: "boolean" channelSinks: - description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" channelSources: - description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" @@ -1060,14 +1065,14 @@ spec: description: "Can be used to inject a Knative complete configuration in JSON format." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" endpointSinks: - description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs." + description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs." items: type: "string" type: "array" @@ -1077,31 +1082,31 @@ spec: type: "string" type: "array" eventSinks: - description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)." + description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)." items: type: "string" type: "array" eventSources: - description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." + description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." items: type: "string" type: "array" filterEventType: - description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" + description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" type: "boolean" filterSourceChannels: - description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default." + description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default." type: "boolean" filters: - description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration." + description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration." items: type: "string" type: "array" namespaceLabel: - description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" + description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" type: "boolean" sinkBinding: - description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)." + description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)." type: "boolean" type: "object" knative-service: @@ -1110,45 +1115,45 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" auto: - description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" + description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" type: "boolean" autoscalingMetric: - description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information." type: "string" autoscalingTarget: - description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information." + description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information." type: "integer" class: - description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information." enum: - "kpa.autoscaling.knative.dev" - "hpa.autoscaling.knative.dev" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxScale: - description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information." + description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information." type: "integer" minScale: - description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information." + description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information." type: "integer" rolloutDuration: - description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision." + description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision." type: "string" timeoutSeconds: - description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information." + description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information." format: "int64" type: "integer" visibility: - description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information." + description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information." enum: - "cluster-local" type: "string" @@ -1160,7 +1165,7 @@ spec: description: "Colorize the log output" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1199,12 +1204,12 @@ spec: description: "The configuration of Mount trait" properties: configs: - description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" + description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true emptyDirs: @@ -1216,15 +1221,15 @@ spec: description: "Deprecated: no longer in use." type: "boolean" hotReload: - description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata." + description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata." type: "boolean" resources: - description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" + description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" items: type: "string" type: "array" scanKameletsImplicitLabelSecrets: - description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." + description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." type: "boolean" volumes: description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]" @@ -1236,12 +1241,12 @@ spec: description: "The configuration of OpenAPI trait" properties: configmaps: - description: "The configmaps holding the spec of the OpenAPI" + description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1252,7 +1257,7 @@ spec: description: "The configuration of Owner trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1273,44 +1278,44 @@ spec: description: "The configuration of PDB trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxUnavailable: - description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified." + description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified." type: "string" minAvailable: - description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified." + description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified." type: "string" type: "object" platform: description: "The configuration of Platform trait" properties: auto: - description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true createDefault: - description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" enabled: description: "Deprecated: no longer in use." type: "boolean" global: - description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" type: "object" pod: description: "The configuration of Pod trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1321,7 +1326,7 @@ spec: description: "The configuration of Prometheus trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1343,7 +1348,7 @@ spec: description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1360,7 +1365,7 @@ spec: description: "The configuration of Quarkus trait" properties: buildMode: - description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready." + description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready." items: description: "QuarkusMode is the type of Quarkus build packaging." enum: @@ -1369,7 +1374,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1382,9 +1387,9 @@ spec: description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)" type: "string" packageTypes: - description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead." + description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead." items: - description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead." + description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead." enum: - "fast-jar" - "native" @@ -1392,10 +1397,10 @@ spec: type: "array" type: "object" registry: - description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation." + description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation." properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1408,10 +1413,10 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1421,38 +1426,38 @@ spec: description: "To configure the host exposed by the route." type: "string" tlsCACertificate: - description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCACertificateSecret: - description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificate: - description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificateSecret: - description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificate: - description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information." + description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificateSecret: - description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsInsecureEdgeTerminationPolicy: - description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information." + description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "None" - "Allow" - "Redirect" type: "string" tlsKey: - description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsKeySecret: - description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsTermination: - description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "edge" - "reencrypt" @@ -1463,7 +1468,7 @@ spec: description: "The configuration of Security Context trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1490,14 +1495,14 @@ spec: description: "To automatically detect from the code if a Service needs to be created." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" nodePort: - description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead." + description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead." type: "boolean" type: description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'." @@ -1511,7 +1516,7 @@ spec: description: "The configuration of Service Binding trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1537,7 +1542,7 @@ spec: description: "The configuration of Toleration trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1573,10 +1578,10 @@ spec: description: "Generic options that can used by any publish strategy" type: "object" baseImage: - description: "a base image that can be used as base layer for all images. It can be useful if you want to provide some custom base image with further utility software" + description: "a base image that can be used as base layer for all images.\nIt can be useful if you want to provide some custom base image with further utility software" type: "string" buildCatalogToolTimeout: - description: "the timeout (in seconds) to use when creating the build tools container image Deprecated: no longer in use" + description: "the timeout (in seconds) to use when creating the build tools container image\nDeprecated: no longer in use" type: "string" buildConfiguration: description: "the configuration required to build an Integration container image" @@ -1632,7 +1637,7 @@ spec: description: "Maven configuration used to build the Camel/Camel-Quarkus applications" properties: caSecrets: - description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore." + description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore." items: description: "SecretKeySelector selects a key of a Secret." properties: @@ -1640,7 +1645,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1648,14 +1653,15 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "array" cliOptions: - description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." + description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." items: type: "string" type: "array" extension: - description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html." + description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html." items: description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact." properties: @@ -1683,7 +1689,7 @@ spec: description: "The path of the local Maven repository." type: "string" profiles: - description: "A reference to the ConfigMap or Secret key that contains the Maven profile." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile." items: description: "ValueSource --." properties: @@ -1694,7 +1700,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1702,6 +1708,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -1709,7 +1716,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1717,6 +1724,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" properties: @@ -1725,7 +1733,7 @@ spec: description: "The Maven properties." type: "object" settings: - description: "A reference to the ConfigMap or Secret key that contains the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -1734,7 +1742,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1742,6 +1750,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -1749,7 +1758,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1757,9 +1766,10 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" settingsSecurity: - description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -1768,7 +1778,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1776,6 +1786,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -1783,7 +1794,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1791,6 +1802,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "object" maxRunningBuilds: @@ -1863,7 +1875,7 @@ spec: type: "object" type: "array" configuration: - description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes list of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform" + description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes\nlist of configuration properties to be attached to all the Integration/IntegrationKits built from this IntegrationPlatform" items: description: "ConfigurationSpec represents a generic configuration specification." properties: @@ -1905,7 +1917,7 @@ spec: description: "defines in what phase the IntegrationPlatform is found" type: "string" profile: - description: "the profile you wish to use. It will apply certain traits which are required by the specific profile chosen. It usually relates the Cluster with the optional definition of special profiles (ie, Knative)" + description: "the profile you wish to use. It will apply certain traits which are required by the specific profile chosen.\nIt usually relates the Cluster with the optional definition of special profiles (ie, Knative)" type: "string" traits: description: "list of traits to be executed for all the Integration/IntegrationKits built from this IntegrationPlatform" @@ -1931,7 +1943,7 @@ spec: description: "The configuration of Affinity trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1946,7 +1958,7 @@ spec: description: "Always co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with." items: type: "string" type: "array" @@ -1954,7 +1966,7 @@ spec: description: "Never co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAntiAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with." items: type: "string" type: "array" @@ -1968,10 +1980,10 @@ spec: description: "When using `pod` strategy, annotation to use for the builder pod." type: "object" baseImage: - description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)." + description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1981,13 +1993,13 @@ spec: description: "Use the incremental image build option, to reuse existing containers (default `true`)" type: "boolean" limitCPU: - description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" limitMemory: - description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" mavenProfiles: - description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." + description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." items: type: "string" type: "array" @@ -2014,10 +2026,10 @@ spec: type: "string" type: "array" requestCPU: - description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" requestMemory: - description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" strategy: description: "The strategy to use, either `pod` or `routine` (default `routine`)" @@ -2031,7 +2043,7 @@ spec: type: "string" type: "array" tasksFilter: - description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy." + description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy." type: "string" tasksLimitCPU: description: "A list of limit cpu configuration for the specific task with format `:`." @@ -2054,14 +2066,14 @@ spec: type: "string" type: "array" verbose: - description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use" + description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use" type: "boolean" type: "object" camel: description: "The configuration of Camel trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2073,7 +2085,7 @@ spec: type: "string" type: "array" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster." + description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." type: "string" type: "object" container: @@ -2098,7 +2110,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2108,7 +2120,7 @@ spec: description: "Can be used to enable/disable exposure via kubernetes Service." type: "boolean" image: - description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." + description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." type: "string" imagePullPolicy: description: "The pull policy: Always|Never|IfNotPresent" @@ -2162,41 +2174,41 @@ spec: description: "The configuration of Cron trait" properties: activeDeadlineSeconds: - description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s." + description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s." format: "int64" type: "integer" auto: - description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)." + description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)." type: "boolean" backoffLimit: - description: "Specifies the number of retries before marking the job failed. It defaults to 2." + description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2." format: "int32" type: "integer" components: - description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`." + description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`." type: "string" concurrencyPolicy: - description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one" + description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one" enum: - "Allow" - "Forbid" - "Replace" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" fallback: - description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob." + description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob." type: "boolean" schedule: - description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly." + description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly." type: "string" startingDeadlineSeconds: - description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones." + description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones." format: "int64" type: "integer" timeZone: @@ -2207,7 +2219,7 @@ spec: description: "The configuration of Dependencies trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2218,7 +2230,7 @@ spec: description: "The configuration of Deployer trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2232,34 +2244,34 @@ spec: - "knative-service" type: "string" useSSA: - description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." + description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." type: "boolean" type: "object" deployment: description: "The configuration of Deployment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Deprecated: no longer in use." type: "boolean" progressDeadlineSeconds: - description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`." + description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`." format: "int32" type: "integer" rollingUpdateMaxSurge: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`." + description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`." x-kubernetes-int-or-string: true rollingUpdateMaxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`." x-kubernetes-int-or-string: true strategy: description: "The deployment strategy to use to replace existing pods with new ones." @@ -2272,7 +2284,7 @@ spec: description: "The configuration of Environment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true containerMeta: @@ -2285,7 +2297,7 @@ spec: description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)" type: "boolean" vars: - description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables." + description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables." items: type: "string" type: "array" @@ -2294,7 +2306,7 @@ spec: description: "The configuration of Error Handler trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2308,11 +2320,11 @@ spec: description: "The configuration of GC trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." enum: - "disabled" - "disk" @@ -2326,7 +2338,7 @@ spec: description: "The configuration of Health trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2426,13 +2438,13 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" + description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" type: "object" auto: description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2445,7 +2457,7 @@ spec: description: "To configure the path exposed by the ingress (default `/`)." type: "string" pathType: - description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." + description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." enum: - "Exact" - "Prefix" @@ -2467,7 +2479,7 @@ spec: description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2481,15 +2493,15 @@ spec: description: "The configuration of Jolokia trait" properties: CACert: - description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." + description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." type: "string" clientPrincipal: - description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." + description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryEnabled: @@ -2499,13 +2511,13 @@ spec: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" extendedClientCheck: - description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)." + description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)." type: "boolean" host: - description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)." + description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)." type: "string" options: - description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" + description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" items: type: "string" type: "array" @@ -2532,7 +2544,7 @@ spec: description: "Additional JVM classpath (use `Linux` classpath separator)" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true debug: @@ -2556,7 +2568,7 @@ spec: type: "string" type: "array" printCommand: - description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use." + description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use." type: "boolean" type: "object" kamelets: @@ -2566,7 +2578,7 @@ spec: description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2596,12 +2608,12 @@ spec: description: "Enable automatic discovery of all trait properties." type: "boolean" channelSinks: - description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" channelSources: - description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" @@ -2609,14 +2621,14 @@ spec: description: "Can be used to inject a Knative complete configuration in JSON format." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" endpointSinks: - description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs." + description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs." items: type: "string" type: "array" @@ -2626,31 +2638,31 @@ spec: type: "string" type: "array" eventSinks: - description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)." + description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)." items: type: "string" type: "array" eventSources: - description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." + description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." items: type: "string" type: "array" filterEventType: - description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" + description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" type: "boolean" filterSourceChannels: - description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default." + description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default." type: "boolean" filters: - description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration." + description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration." items: type: "string" type: "array" namespaceLabel: - description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" + description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" type: "boolean" sinkBinding: - description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)." + description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)." type: "boolean" type: "object" knative-service: @@ -2659,45 +2671,45 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" auto: - description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" + description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" type: "boolean" autoscalingMetric: - description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information." type: "string" autoscalingTarget: - description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information." + description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information." type: "integer" class: - description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information." enum: - "kpa.autoscaling.knative.dev" - "hpa.autoscaling.knative.dev" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxScale: - description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information." + description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information." type: "integer" minScale: - description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information." + description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information." type: "integer" rolloutDuration: - description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision." + description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision." type: "string" timeoutSeconds: - description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information." + description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information." format: "int64" type: "integer" visibility: - description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information." + description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information." enum: - "cluster-local" type: "string" @@ -2709,7 +2721,7 @@ spec: description: "Colorize the log output" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2748,12 +2760,12 @@ spec: description: "The configuration of Mount trait" properties: configs: - description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" + description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true emptyDirs: @@ -2765,15 +2777,15 @@ spec: description: "Deprecated: no longer in use." type: "boolean" hotReload: - description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata." + description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata." type: "boolean" resources: - description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" + description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" items: type: "string" type: "array" scanKameletsImplicitLabelSecrets: - description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." + description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." type: "boolean" volumes: description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]" @@ -2785,12 +2797,12 @@ spec: description: "The configuration of OpenAPI trait" properties: configmaps: - description: "The configmaps holding the spec of the OpenAPI" + description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2801,7 +2813,7 @@ spec: description: "The configuration of Owner trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2822,44 +2834,44 @@ spec: description: "The configuration of PDB trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxUnavailable: - description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified." + description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified." type: "string" minAvailable: - description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified." + description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified." type: "string" type: "object" platform: description: "The configuration of Platform trait" properties: auto: - description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true createDefault: - description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" enabled: description: "Deprecated: no longer in use." type: "boolean" global: - description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" type: "object" pod: description: "The configuration of Pod trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2870,7 +2882,7 @@ spec: description: "The configuration of Prometheus trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2892,7 +2904,7 @@ spec: description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2909,7 +2921,7 @@ spec: description: "The configuration of Quarkus trait" properties: buildMode: - description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready." + description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready." items: description: "QuarkusMode is the type of Quarkus build packaging." enum: @@ -2918,7 +2930,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2931,9 +2943,9 @@ spec: description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)" type: "string" packageTypes: - description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead." + description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead." items: - description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead." + description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead." enum: - "fast-jar" - "native" @@ -2941,10 +2953,10 @@ spec: type: "array" type: "object" registry: - description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation." + description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation." properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2957,10 +2969,10 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2970,38 +2982,38 @@ spec: description: "To configure the host exposed by the route." type: "string" tlsCACertificate: - description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCACertificateSecret: - description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificate: - description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificateSecret: - description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificate: - description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information." + description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificateSecret: - description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsInsecureEdgeTerminationPolicy: - description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information." + description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "None" - "Allow" - "Redirect" type: "string" tlsKey: - description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsKeySecret: - description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsTermination: - description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "edge" - "reencrypt" @@ -3012,7 +3024,7 @@ spec: description: "The configuration of Security Context trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -3039,14 +3051,14 @@ spec: description: "To automatically detect from the code if a Service needs to be created." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" nodePort: - description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead." + description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead." type: "boolean" type: description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'." @@ -3060,7 +3072,7 @@ spec: description: "The configuration of Service Binding trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -3086,7 +3098,7 @@ spec: description: "The configuration of Toleration trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml index 4edb82799..faf951b78 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrationprofiles.yaml @@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" - labels: - app: "camel-k" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "integrationprofiles.camel.apache.org" spec: group: "camel.apache.org" @@ -32,13 +30,13 @@ spec: name: "v1" schema: openAPIV3Schema: - description: "IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior. It defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace." + description: "IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior.\nIt defines the behavior of all Custom Resources (`IntegrationKit`, `Integration`, `Kamelet`) in the given namespace." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -49,13 +47,13 @@ spec: description: "specify how to build the Integration/IntegrationKits" properties: baseImage: - description: "a base image that can be used as base layer for all images. It can be useful if you want to provide some custom base image with further utility software" + description: "a base image that can be used as base layer for all images.\nIt can be useful if you want to provide some custom base image with further utility software" type: "string" maven: description: "Maven configuration used to build the Camel/Camel-Quarkus applications" properties: caSecrets: - description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore." + description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore." items: description: "SecretKeySelector selects a key of a Secret." properties: @@ -63,7 +61,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -71,14 +69,15 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "array" cliOptions: - description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." + description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." items: type: "string" type: "array" extension: - description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html." + description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html." items: description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact." properties: @@ -106,7 +105,7 @@ spec: description: "The path of the local Maven repository." type: "string" profiles: - description: "A reference to the ConfigMap or Secret key that contains the Maven profile." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile." items: description: "ValueSource --." properties: @@ -117,7 +116,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -125,6 +124,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -132,7 +132,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -140,6 +140,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" properties: @@ -148,7 +149,7 @@ spec: description: "The Maven properties." type: "object" settings: - description: "A reference to the ConfigMap or Secret key that contains the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -157,7 +158,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -165,6 +166,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -172,7 +174,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -180,9 +182,10 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" settingsSecurity: - description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -191,7 +194,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -199,6 +202,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -206,7 +210,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -214,6 +218,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "object" registry: @@ -283,7 +288,7 @@ spec: description: "The configuration of Affinity trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -298,7 +303,7 @@ spec: description: "Always co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with." items: type: "string" type: "array" @@ -306,7 +311,7 @@ spec: description: "Never co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAntiAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with." items: type: "string" type: "array" @@ -320,10 +325,10 @@ spec: description: "When using `pod` strategy, annotation to use for the builder pod." type: "object" baseImage: - description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)." + description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -333,13 +338,13 @@ spec: description: "Use the incremental image build option, to reuse existing containers (default `true`)" type: "boolean" limitCPU: - description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" limitMemory: - description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" mavenProfiles: - description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." + description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." items: type: "string" type: "array" @@ -366,10 +371,10 @@ spec: type: "string" type: "array" requestCPU: - description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" requestMemory: - description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" strategy: description: "The strategy to use, either `pod` or `routine` (default `routine`)" @@ -383,7 +388,7 @@ spec: type: "string" type: "array" tasksFilter: - description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy." + description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy." type: "string" tasksLimitCPU: description: "A list of limit cpu configuration for the specific task with format `:`." @@ -406,14 +411,14 @@ spec: type: "string" type: "array" verbose: - description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use" + description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use" type: "boolean" type: "object" camel: description: "The configuration of Camel trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -425,7 +430,7 @@ spec: type: "string" type: "array" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster." + description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." type: "string" type: "object" container: @@ -450,7 +455,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -460,7 +465,7 @@ spec: description: "Can be used to enable/disable exposure via kubernetes Service." type: "boolean" image: - description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." + description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." type: "string" imagePullPolicy: description: "The pull policy: Always|Never|IfNotPresent" @@ -514,41 +519,41 @@ spec: description: "The configuration of Cron trait" properties: activeDeadlineSeconds: - description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s." + description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s." format: "int64" type: "integer" auto: - description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)." + description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)." type: "boolean" backoffLimit: - description: "Specifies the number of retries before marking the job failed. It defaults to 2." + description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2." format: "int32" type: "integer" components: - description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`." + description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`." type: "string" concurrencyPolicy: - description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one" + description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one" enum: - "Allow" - "Forbid" - "Replace" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" fallback: - description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob." + description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob." type: "boolean" schedule: - description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly." + description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly." type: "string" startingDeadlineSeconds: - description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones." + description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones." format: "int64" type: "integer" timeZone: @@ -559,7 +564,7 @@ spec: description: "The configuration of Dependencies trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -570,7 +575,7 @@ spec: description: "The configuration of Deployer trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -584,34 +589,34 @@ spec: - "knative-service" type: "string" useSSA: - description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." + description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." type: "boolean" type: "object" deployment: description: "The configuration of Deployment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Deprecated: no longer in use." type: "boolean" progressDeadlineSeconds: - description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`." + description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`." format: "int32" type: "integer" rollingUpdateMaxSurge: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`." + description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`." x-kubernetes-int-or-string: true rollingUpdateMaxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`." x-kubernetes-int-or-string: true strategy: description: "The deployment strategy to use to replace existing pods with new ones." @@ -624,7 +629,7 @@ spec: description: "The configuration of Environment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true containerMeta: @@ -637,7 +642,7 @@ spec: description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)" type: "boolean" vars: - description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables." + description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables." items: type: "string" type: "array" @@ -646,7 +651,7 @@ spec: description: "The configuration of Error Handler trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -660,11 +665,11 @@ spec: description: "The configuration of GC trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." enum: - "disabled" - "disk" @@ -678,7 +683,7 @@ spec: description: "The configuration of Health trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -778,13 +783,13 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" + description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" type: "object" auto: description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -797,7 +802,7 @@ spec: description: "To configure the path exposed by the ingress (default `/`)." type: "string" pathType: - description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." + description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." enum: - "Exact" - "Prefix" @@ -819,7 +824,7 @@ spec: description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -833,15 +838,15 @@ spec: description: "The configuration of Jolokia trait" properties: CACert: - description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." + description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." type: "string" clientPrincipal: - description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." + description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryEnabled: @@ -851,13 +856,13 @@ spec: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" extendedClientCheck: - description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)." + description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)." type: "boolean" host: - description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)." + description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)." type: "string" options: - description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" + description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" items: type: "string" type: "array" @@ -884,7 +889,7 @@ spec: description: "Additional JVM classpath (use `Linux` classpath separator)" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true debug: @@ -908,7 +913,7 @@ spec: type: "string" type: "array" printCommand: - description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use." + description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use." type: "boolean" type: "object" kamelets: @@ -918,7 +923,7 @@ spec: description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -948,12 +953,12 @@ spec: description: "Enable automatic discovery of all trait properties." type: "boolean" channelSinks: - description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" channelSources: - description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" @@ -961,14 +966,14 @@ spec: description: "Can be used to inject a Knative complete configuration in JSON format." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" endpointSinks: - description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs." + description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs." items: type: "string" type: "array" @@ -978,31 +983,31 @@ spec: type: "string" type: "array" eventSinks: - description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)." + description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)." items: type: "string" type: "array" eventSources: - description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." + description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." items: type: "string" type: "array" filterEventType: - description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" + description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" type: "boolean" filterSourceChannels: - description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default." + description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default." type: "boolean" filters: - description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration." + description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration." items: type: "string" type: "array" namespaceLabel: - description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" + description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" type: "boolean" sinkBinding: - description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)." + description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)." type: "boolean" type: "object" knative-service: @@ -1011,45 +1016,45 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" auto: - description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" + description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" type: "boolean" autoscalingMetric: - description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information." type: "string" autoscalingTarget: - description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information." + description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information." type: "integer" class: - description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information." enum: - "kpa.autoscaling.knative.dev" - "hpa.autoscaling.knative.dev" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxScale: - description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information." + description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information." type: "integer" minScale: - description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information." + description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information." type: "integer" rolloutDuration: - description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision." + description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision." type: "string" timeoutSeconds: - description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information." + description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information." format: "int64" type: "integer" visibility: - description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information." + description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information." enum: - "cluster-local" type: "string" @@ -1061,7 +1066,7 @@ spec: description: "Colorize the log output" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1100,12 +1105,12 @@ spec: description: "The configuration of Mount trait" properties: configs: - description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" + description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true emptyDirs: @@ -1117,15 +1122,15 @@ spec: description: "Deprecated: no longer in use." type: "boolean" hotReload: - description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata." + description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata." type: "boolean" resources: - description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" + description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" items: type: "string" type: "array" scanKameletsImplicitLabelSecrets: - description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." + description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." type: "boolean" volumes: description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]" @@ -1137,12 +1142,12 @@ spec: description: "The configuration of OpenAPI trait" properties: configmaps: - description: "The configmaps holding the spec of the OpenAPI" + description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1153,7 +1158,7 @@ spec: description: "The configuration of Owner trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1174,44 +1179,44 @@ spec: description: "The configuration of PDB trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxUnavailable: - description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified." + description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified." type: "string" minAvailable: - description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified." + description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified." type: "string" type: "object" platform: description: "The configuration of Platform trait" properties: auto: - description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true createDefault: - description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" enabled: description: "Deprecated: no longer in use." type: "boolean" global: - description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" type: "object" pod: description: "The configuration of Pod trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1222,7 +1227,7 @@ spec: description: "The configuration of Prometheus trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1244,7 +1249,7 @@ spec: description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1261,7 +1266,7 @@ spec: description: "The configuration of Quarkus trait" properties: buildMode: - description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready." + description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready." items: description: "QuarkusMode is the type of Quarkus build packaging." enum: @@ -1270,7 +1275,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1283,9 +1288,9 @@ spec: description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)" type: "string" packageTypes: - description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead." + description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead." items: - description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead." + description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead." enum: - "fast-jar" - "native" @@ -1293,10 +1298,10 @@ spec: type: "array" type: "object" registry: - description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation." + description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation." properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1309,10 +1314,10 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1322,38 +1327,38 @@ spec: description: "To configure the host exposed by the route." type: "string" tlsCACertificate: - description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCACertificateSecret: - description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificate: - description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificateSecret: - description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificate: - description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information." + description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificateSecret: - description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsInsecureEdgeTerminationPolicy: - description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information." + description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "None" - "Allow" - "Redirect" type: "string" tlsKey: - description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsKeySecret: - description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsTermination: - description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "edge" - "reencrypt" @@ -1364,7 +1369,7 @@ spec: description: "The configuration of Security Context trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1391,14 +1396,14 @@ spec: description: "To automatically detect from the code if a Service needs to be created." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" nodePort: - description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead." + description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead." type: "boolean" type: description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'." @@ -1412,7 +1417,7 @@ spec: description: "The configuration of Service Binding trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1438,7 +1443,7 @@ spec: description: "The configuration of Toleration trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1469,13 +1474,13 @@ spec: description: "specify how to build the Integration/IntegrationKits" properties: baseImage: - description: "a base image that can be used as base layer for all images. It can be useful if you want to provide some custom base image with further utility software" + description: "a base image that can be used as base layer for all images.\nIt can be useful if you want to provide some custom base image with further utility software" type: "string" maven: description: "Maven configuration used to build the Camel/Camel-Quarkus applications" properties: caSecrets: - description: "The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore." + description: "The Secrets name and key, containing the CA certificate(s) used to connect\nto remote Maven repositories.\nIt can contain X.509 certificates, and PKCS#7 formatted certificate chains.\nA JKS formatted keystore is automatically created to store the CA certificate(s),\nand configured to be used as a trusted certificate(s) by the Maven commands.\nNote that the root CA certificates are also imported into the created keystore." items: description: "SecretKeySelector selects a key of a Secret." properties: @@ -1483,7 +1488,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1491,14 +1496,15 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "array" cliOptions: - description: "The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." + description: "The CLI options that are appended to the list of arguments for Maven commands,\ne.g., `-V,--no-transfer-progress,-Dstyle.color=never`.\nSee https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html." items: type: "string" type: "array" extension: - description: "The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html." + description: "The Maven build extensions.\nSee https://maven.apache.org/guides/mini/guide-using-extensions.html." items: description: "MavenArtifact defines a GAV (Group:Artifact:Type:Version:Classifier) Maven artifact." properties: @@ -1526,7 +1532,7 @@ spec: description: "The path of the local Maven repository." type: "string" profiles: - description: "A reference to the ConfigMap or Secret key that contains the Maven profile." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven profile." items: description: "ValueSource --." properties: @@ -1537,7 +1543,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1545,6 +1551,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -1552,7 +1559,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1560,6 +1567,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" properties: @@ -1568,7 +1576,7 @@ spec: description: "The Maven properties." type: "object" settings: - description: "A reference to the ConfigMap or Secret key that contains the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -1577,7 +1585,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1585,6 +1593,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -1592,7 +1601,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1600,9 +1609,10 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" settingsSecurity: - description: "A reference to the ConfigMap or Secret key that contains the security of the Maven settings." + description: "A reference to the ConfigMap or Secret key that contains\nthe security of the Maven settings." properties: configMapKeyRef: description: "Selects a key of a ConfigMap." @@ -1611,7 +1621,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1619,6 +1629,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret." properties: @@ -1626,7 +1637,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1634,6 +1645,7 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "object" registry: @@ -1740,7 +1752,7 @@ spec: description: "The configuration of Affinity trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1755,7 +1767,7 @@ spec: description: "Always co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with." items: type: "string" type: "array" @@ -1763,7 +1775,7 @@ spec: description: "Never co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAntiAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with." items: type: "string" type: "array" @@ -1777,10 +1789,10 @@ spec: description: "When using `pod` strategy, annotation to use for the builder pod." type: "object" baseImage: - description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)." + description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1790,13 +1802,13 @@ spec: description: "Use the incremental image build option, to reuse existing containers (default `true`)" type: "boolean" limitCPU: - description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" limitMemory: - description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" mavenProfiles: - description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." + description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." items: type: "string" type: "array" @@ -1823,10 +1835,10 @@ spec: type: "string" type: "array" requestCPU: - description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" requestMemory: - description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" strategy: description: "The strategy to use, either `pod` or `routine` (default `routine`)" @@ -1840,7 +1852,7 @@ spec: type: "string" type: "array" tasksFilter: - description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy." + description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy." type: "string" tasksLimitCPU: description: "A list of limit cpu configuration for the specific task with format `:`." @@ -1863,14 +1875,14 @@ spec: type: "string" type: "array" verbose: - description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use" + description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use" type: "boolean" type: "object" camel: description: "The configuration of Camel trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1882,7 +1894,7 @@ spec: type: "string" type: "array" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster." + description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." type: "string" type: "object" container: @@ -1907,7 +1919,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -1917,7 +1929,7 @@ spec: description: "Can be used to enable/disable exposure via kubernetes Service." type: "boolean" image: - description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." + description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." type: "string" imagePullPolicy: description: "The pull policy: Always|Never|IfNotPresent" @@ -1971,41 +1983,41 @@ spec: description: "The configuration of Cron trait" properties: activeDeadlineSeconds: - description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s." + description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s." format: "int64" type: "integer" auto: - description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)." + description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)." type: "boolean" backoffLimit: - description: "Specifies the number of retries before marking the job failed. It defaults to 2." + description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2." format: "int32" type: "integer" components: - description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`." + description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`." type: "string" concurrencyPolicy: - description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one" + description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one" enum: - "Allow" - "Forbid" - "Replace" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" fallback: - description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob." + description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob." type: "boolean" schedule: - description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly." + description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly." type: "string" startingDeadlineSeconds: - description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones." + description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones." format: "int64" type: "integer" timeZone: @@ -2016,7 +2028,7 @@ spec: description: "The configuration of Dependencies trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2027,7 +2039,7 @@ spec: description: "The configuration of Deployer trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2041,34 +2053,34 @@ spec: - "knative-service" type: "string" useSSA: - description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." + description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." type: "boolean" type: "object" deployment: description: "The configuration of Deployment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Deprecated: no longer in use." type: "boolean" progressDeadlineSeconds: - description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`." + description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`." format: "int32" type: "integer" rollingUpdateMaxSurge: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`." + description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`." x-kubernetes-int-or-string: true rollingUpdateMaxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`." x-kubernetes-int-or-string: true strategy: description: "The deployment strategy to use to replace existing pods with new ones." @@ -2081,7 +2093,7 @@ spec: description: "The configuration of Environment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true containerMeta: @@ -2094,7 +2106,7 @@ spec: description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)" type: "boolean" vars: - description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables." + description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables." items: type: "string" type: "array" @@ -2103,7 +2115,7 @@ spec: description: "The configuration of Error Handler trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2117,11 +2129,11 @@ spec: description: "The configuration of GC trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." enum: - "disabled" - "disk" @@ -2135,7 +2147,7 @@ spec: description: "The configuration of Health trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2235,13 +2247,13 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" + description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" type: "object" auto: description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2254,7 +2266,7 @@ spec: description: "To configure the path exposed by the ingress (default `/`)." type: "string" pathType: - description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." + description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." enum: - "Exact" - "Prefix" @@ -2276,7 +2288,7 @@ spec: description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2290,15 +2302,15 @@ spec: description: "The configuration of Jolokia trait" properties: CACert: - description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." + description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." type: "string" clientPrincipal: - description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." + description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryEnabled: @@ -2308,13 +2320,13 @@ spec: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" extendedClientCheck: - description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)." + description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)." type: "boolean" host: - description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)." + description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)." type: "string" options: - description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" + description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" items: type: "string" type: "array" @@ -2341,7 +2353,7 @@ spec: description: "Additional JVM classpath (use `Linux` classpath separator)" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true debug: @@ -2365,7 +2377,7 @@ spec: type: "string" type: "array" printCommand: - description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use." + description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use." type: "boolean" type: "object" kamelets: @@ -2375,7 +2387,7 @@ spec: description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2405,12 +2417,12 @@ spec: description: "Enable automatic discovery of all trait properties." type: "boolean" channelSinks: - description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" channelSources: - description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" @@ -2418,14 +2430,14 @@ spec: description: "Can be used to inject a Knative complete configuration in JSON format." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" endpointSinks: - description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs." + description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs." items: type: "string" type: "array" @@ -2435,31 +2447,31 @@ spec: type: "string" type: "array" eventSinks: - description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)." + description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)." items: type: "string" type: "array" eventSources: - description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." + description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." items: type: "string" type: "array" filterEventType: - description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" + description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" type: "boolean" filterSourceChannels: - description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default." + description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default." type: "boolean" filters: - description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration." + description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration." items: type: "string" type: "array" namespaceLabel: - description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" + description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" type: "boolean" sinkBinding: - description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)." + description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)." type: "boolean" type: "object" knative-service: @@ -2468,45 +2480,45 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" auto: - description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" + description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" type: "boolean" autoscalingMetric: - description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information." type: "string" autoscalingTarget: - description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information." + description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information." type: "integer" class: - description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information." enum: - "kpa.autoscaling.knative.dev" - "hpa.autoscaling.knative.dev" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxScale: - description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information." + description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information." type: "integer" minScale: - description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information." + description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information." type: "integer" rolloutDuration: - description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision." + description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision." type: "string" timeoutSeconds: - description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information." + description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information." format: "int64" type: "integer" visibility: - description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information." + description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information." enum: - "cluster-local" type: "string" @@ -2518,7 +2530,7 @@ spec: description: "Colorize the log output" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2557,12 +2569,12 @@ spec: description: "The configuration of Mount trait" properties: configs: - description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" + description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true emptyDirs: @@ -2574,15 +2586,15 @@ spec: description: "Deprecated: no longer in use." type: "boolean" hotReload: - description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata." + description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata." type: "boolean" resources: - description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" + description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" items: type: "string" type: "array" scanKameletsImplicitLabelSecrets: - description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." + description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." type: "boolean" volumes: description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]" @@ -2594,12 +2606,12 @@ spec: description: "The configuration of OpenAPI trait" properties: configmaps: - description: "The configmaps holding the spec of the OpenAPI" + description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2610,7 +2622,7 @@ spec: description: "The configuration of Owner trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2631,44 +2643,44 @@ spec: description: "The configuration of PDB trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxUnavailable: - description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified." + description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified." type: "string" minAvailable: - description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified." + description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified." type: "string" type: "object" platform: description: "The configuration of Platform trait" properties: auto: - description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true createDefault: - description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" enabled: description: "Deprecated: no longer in use." type: "boolean" global: - description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" type: "object" pod: description: "The configuration of Pod trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2679,7 +2691,7 @@ spec: description: "The configuration of Prometheus trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2701,7 +2713,7 @@ spec: description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2718,7 +2730,7 @@ spec: description: "The configuration of Quarkus trait" properties: buildMode: - description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready." + description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready." items: description: "QuarkusMode is the type of Quarkus build packaging." enum: @@ -2727,7 +2739,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2740,9 +2752,9 @@ spec: description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)" type: "string" packageTypes: - description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead." + description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead." items: - description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead." + description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead." enum: - "fast-jar" - "native" @@ -2750,10 +2762,10 @@ spec: type: "array" type: "object" registry: - description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation." + description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation." properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2766,10 +2778,10 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2779,38 +2791,38 @@ spec: description: "To configure the host exposed by the route." type: "string" tlsCACertificate: - description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCACertificateSecret: - description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificate: - description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificateSecret: - description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificate: - description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information." + description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificateSecret: - description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsInsecureEdgeTerminationPolicy: - description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information." + description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "None" - "Allow" - "Redirect" type: "string" tlsKey: - description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsKeySecret: - description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsTermination: - description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "edge" - "reencrypt" @@ -2821,7 +2833,7 @@ spec: description: "The configuration of Security Context trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2848,14 +2860,14 @@ spec: description: "To automatically detect from the code if a Service needs to be created." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" nodePort: - description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead." + description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead." type: "boolean" type: description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'." @@ -2869,7 +2881,7 @@ spec: description: "The configuration of Service Binding trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -2895,7 +2907,7 @@ spec: description: "The configuration of Toleration trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml index f0341feb3..2ea2cd3e1 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/integrations.yaml @@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" - labels: - app: "camel-k" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "integrations.camel.apache.org" spec: group: "camel.apache.org" @@ -51,10 +49,10 @@ spec: description: "Integration is the Schema for the integrations API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -62,7 +60,7 @@ spec: description: "the desired Integration specification" properties: configuration: - description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes" + description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes" items: description: "ConfigurationSpec represents a generic configuration specification." properties: @@ -96,24 +94,25 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" profile: description: "the profile needed to run this Integration" type: "string" @@ -153,7 +152,7 @@ spec: description: "True if the spec is generated from a Kamelet" type: "boolean" interceptors: - description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources" + description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources" items: type: "string" type: "array" @@ -161,7 +160,7 @@ spec: description: "specify which is the language (Camel DSL) used to interpret this source code" type: "string" loader: - description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime" + description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime" type: "string" name: description: "the name of the specification" @@ -202,17 +201,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -220,7 +219,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -232,7 +231,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -240,8 +239,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -252,8 +252,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -271,6 +272,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -278,7 +280,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -286,13 +288,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -300,12 +303,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -313,31 +317,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -346,7 +351,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -354,7 +359,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -371,10 +376,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -390,7 +395,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -399,20 +404,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -421,7 +426,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -429,7 +434,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -446,10 +451,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -465,7 +470,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -474,7 +479,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -482,19 +487,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -505,7 +510,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -514,7 +519,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -522,7 +527,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -539,24 +544,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -569,45 +574,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -618,19 +623,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -641,7 +646,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -650,7 +655,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -658,7 +663,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -675,24 +680,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -705,17 +710,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -725,10 +730,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -737,15 +742,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -761,7 +766,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -770,20 +775,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -799,27 +804,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -835,48 +840,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -887,7 +892,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -896,7 +901,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -904,7 +909,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -921,24 +926,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -951,34 +956,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -997,27 +1002,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1025,7 +1030,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -1037,20 +1042,20 @@ spec: ephemeralContainers: description: "EphemeralContainers" items: - description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. \n To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted." + description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted." properties: args: - description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -1058,7 +1063,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -1070,7 +1075,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1078,8 +1083,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1090,8 +1096,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1109,6 +1116,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -1116,7 +1124,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1124,13 +1132,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -1138,12 +1147,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -1151,31 +1161,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images" + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images" type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: description: "Lifecycle is not allowed for ephemeral containers." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -1184,7 +1195,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1192,7 +1203,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1209,10 +1220,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -1228,7 +1239,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1237,20 +1248,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -1259,7 +1270,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1267,7 +1278,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1284,10 +1295,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -1303,7 +1314,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1312,7 +1323,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1326,13 +1337,13 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1343,7 +1354,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1352,7 +1363,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1360,7 +1371,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1377,24 +1388,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1407,22 +1418,22 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers." + description: "Name of the ephemeral container specified as a DNS_LABEL.\nThis name must be unique among all containers, init containers and ephemeral containers." type: "string" ports: description: "Ports are not allowed for ephemeral containers." @@ -1430,22 +1441,22 @@ spec: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -1462,13 +1473,13 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1479,7 +1490,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1488,7 +1499,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1496,7 +1507,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1513,24 +1524,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1543,17 +1554,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -1563,10 +1574,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -1575,15 +1586,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod." + description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources\nalready allocated to the pod." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1599,7 +1610,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1608,20 +1619,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers." + description: "Restart policy for the container to manage the restart behavior of each\ncontainer within a pod.\nThis may only be set for init containers. You cannot set this field on\nephemeral containers." type: "string" securityContext: - description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext." + description: "Optional: SecurityContext defines the security options the ephemeral container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext." properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -1637,27 +1648,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -1673,31 +1684,31 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -1708,13 +1719,13 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1725,7 +1736,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1734,7 +1745,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1742,7 +1753,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1759,24 +1770,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1789,37 +1800,37 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" targetContainerName: - description: "If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. \n The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined." + description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined." type: "string" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -1838,27 +1849,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1866,7 +1877,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -1878,17 +1889,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -1896,7 +1907,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -1908,7 +1919,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1916,8 +1927,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1928,8 +1940,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1947,6 +1960,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -1954,7 +1968,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1962,13 +1976,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -1976,12 +1991,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -1989,31 +2005,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2022,7 +2039,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2030,7 +2047,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2047,10 +2064,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -2066,7 +2083,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2075,20 +2092,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2097,7 +2114,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2105,7 +2122,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2122,10 +2139,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -2141,7 +2158,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2150,7 +2167,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2158,19 +2175,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2181,7 +2198,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2190,7 +2207,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2198,7 +2215,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2215,24 +2232,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2245,45 +2262,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -2294,19 +2311,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2317,7 +2334,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2326,7 +2343,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2334,7 +2351,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2351,24 +2368,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2381,17 +2398,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -2401,10 +2418,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -2413,15 +2430,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2437,7 +2454,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2446,20 +2463,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -2475,27 +2492,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -2511,48 +2528,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2563,7 +2580,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2572,7 +2589,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2580,7 +2597,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2597,24 +2614,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2627,34 +2644,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -2673,27 +2690,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2701,7 +2718,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -2719,25 +2736,25 @@ spec: description: "PodSecurityContext" properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -2753,25 +2770,25 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -2787,19 +2804,19 @@ spec: type: "object" type: "array" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -2813,21 +2830,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2839,34 +2856,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -2880,20 +2898,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -2911,13 +2929,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -2927,7 +2945,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -2943,7 +2961,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -2951,42 +2969,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -2995,11 +3015,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3007,11 +3027,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3019,35 +3039,37 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" csi: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -3056,7 +3078,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -3076,15 +3098,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3102,47 +3125,48 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3154,11 +3178,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3167,14 +3192,14 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -3183,7 +3208,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3192,7 +3217,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3201,16 +3226,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3222,17 +3247,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -3246,14 +3272,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -3261,19 +3287,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -3281,15 +3307,16 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "driver" type: "object" @@ -3297,36 +3324,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -3338,35 +3365,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -3375,38 +3402,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -3414,32 +3442,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -3448,7 +3476,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -3460,10 +3488,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -3475,7 +3503,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -3484,24 +3512,24 @@ spec: description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3513,20 +3541,21 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." type: "boolean" path: description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" @@ -3535,7 +3564,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3543,11 +3572,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3555,12 +3584,13 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -3581,15 +3611,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3607,6 +3638,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -3616,7 +3648,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3624,11 +3656,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3636,24 +3668,25 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -3665,19 +3698,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -3687,37 +3720,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -3727,7 +3761,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -3736,20 +3770,21 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" sslEnabled: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -3758,7 +3793,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -3766,14 +3801,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3781,11 +3816,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3796,37 +3831,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -3872,7 +3908,7 @@ spec: description: "The configuration of Affinity trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -3887,7 +3923,7 @@ spec: description: "Always co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with." items: type: "string" type: "array" @@ -3895,7 +3931,7 @@ spec: description: "Never co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAntiAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with." items: type: "string" type: "array" @@ -3909,10 +3945,10 @@ spec: description: "When using `pod` strategy, annotation to use for the builder pod." type: "object" baseImage: - description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)." + description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -3922,13 +3958,13 @@ spec: description: "Use the incremental image build option, to reuse existing containers (default `true`)" type: "boolean" limitCPU: - description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" limitMemory: - description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" mavenProfiles: - description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." + description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." items: type: "string" type: "array" @@ -3955,10 +3991,10 @@ spec: type: "string" type: "array" requestCPU: - description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" requestMemory: - description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" strategy: description: "The strategy to use, either `pod` or `routine` (default `routine`)" @@ -3972,7 +4008,7 @@ spec: type: "string" type: "array" tasksFilter: - description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy." + description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy." type: "string" tasksLimitCPU: description: "A list of limit cpu configuration for the specific task with format `:`." @@ -3995,14 +4031,14 @@ spec: type: "string" type: "array" verbose: - description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use" + description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use" type: "boolean" type: "object" camel: description: "The configuration of Camel trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4014,7 +4050,7 @@ spec: type: "string" type: "array" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster." + description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." type: "string" type: "object" container: @@ -4039,7 +4075,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4049,7 +4085,7 @@ spec: description: "Can be used to enable/disable exposure via kubernetes Service." type: "boolean" image: - description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." + description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." type: "string" imagePullPolicy: description: "The pull policy: Always|Never|IfNotPresent" @@ -4103,41 +4139,41 @@ spec: description: "The configuration of Cron trait" properties: activeDeadlineSeconds: - description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s." + description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s." format: "int64" type: "integer" auto: - description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)." + description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)." type: "boolean" backoffLimit: - description: "Specifies the number of retries before marking the job failed. It defaults to 2." + description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2." format: "int32" type: "integer" components: - description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`." + description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`." type: "string" concurrencyPolicy: - description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one" + description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one" enum: - "Allow" - "Forbid" - "Replace" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" fallback: - description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob." + description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob." type: "boolean" schedule: - description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly." + description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly." type: "string" startingDeadlineSeconds: - description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones." + description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones." format: "int64" type: "integer" timeZone: @@ -4148,7 +4184,7 @@ spec: description: "The configuration of Dependencies trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4159,7 +4195,7 @@ spec: description: "The configuration of Deployer trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4173,34 +4209,34 @@ spec: - "knative-service" type: "string" useSSA: - description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." + description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." type: "boolean" type: "object" deployment: description: "The configuration of Deployment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Deprecated: no longer in use." type: "boolean" progressDeadlineSeconds: - description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`." + description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`." format: "int32" type: "integer" rollingUpdateMaxSurge: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`." + description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`." x-kubernetes-int-or-string: true rollingUpdateMaxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`." x-kubernetes-int-or-string: true strategy: description: "The deployment strategy to use to replace existing pods with new ones." @@ -4213,7 +4249,7 @@ spec: description: "The configuration of Environment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true containerMeta: @@ -4226,7 +4262,7 @@ spec: description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)" type: "boolean" vars: - description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables." + description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables." items: type: "string" type: "array" @@ -4235,7 +4271,7 @@ spec: description: "The configuration of Error Handler trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4249,11 +4285,11 @@ spec: description: "The configuration of GC trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." enum: - "disabled" - "disk" @@ -4267,7 +4303,7 @@ spec: description: "The configuration of Health trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4367,13 +4403,13 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" + description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" type: "object" auto: description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4386,7 +4422,7 @@ spec: description: "To configure the path exposed by the ingress (default `/`)." type: "string" pathType: - description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." + description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." enum: - "Exact" - "Prefix" @@ -4408,7 +4444,7 @@ spec: description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4422,15 +4458,15 @@ spec: description: "The configuration of Jolokia trait" properties: CACert: - description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." + description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." type: "string" clientPrincipal: - description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." + description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryEnabled: @@ -4440,13 +4476,13 @@ spec: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" extendedClientCheck: - description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)." + description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)." type: "boolean" host: - description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)." + description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)." type: "string" options: - description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" + description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" items: type: "string" type: "array" @@ -4473,7 +4509,7 @@ spec: description: "Additional JVM classpath (use `Linux` classpath separator)" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true debug: @@ -4497,7 +4533,7 @@ spec: type: "string" type: "array" printCommand: - description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use." + description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use." type: "boolean" type: "object" kamelets: @@ -4507,7 +4543,7 @@ spec: description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4537,12 +4573,12 @@ spec: description: "Enable automatic discovery of all trait properties." type: "boolean" channelSinks: - description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" channelSources: - description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" @@ -4550,14 +4586,14 @@ spec: description: "Can be used to inject a Knative complete configuration in JSON format." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" endpointSinks: - description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs." + description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs." items: type: "string" type: "array" @@ -4567,31 +4603,31 @@ spec: type: "string" type: "array" eventSinks: - description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)." + description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)." items: type: "string" type: "array" eventSources: - description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." + description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." items: type: "string" type: "array" filterEventType: - description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" + description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" type: "boolean" filterSourceChannels: - description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default." + description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default." type: "boolean" filters: - description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration." + description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration." items: type: "string" type: "array" namespaceLabel: - description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" + description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" type: "boolean" sinkBinding: - description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)." + description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)." type: "boolean" type: "object" knative-service: @@ -4600,45 +4636,45 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" auto: - description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" + description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" type: "boolean" autoscalingMetric: - description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information." type: "string" autoscalingTarget: - description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information." + description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information." type: "integer" class: - description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information." enum: - "kpa.autoscaling.knative.dev" - "hpa.autoscaling.knative.dev" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxScale: - description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information." + description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information." type: "integer" minScale: - description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information." + description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information." type: "integer" rolloutDuration: - description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision." + description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision." type: "string" timeoutSeconds: - description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information." + description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information." format: "int64" type: "integer" visibility: - description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information." + description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information." enum: - "cluster-local" type: "string" @@ -4650,7 +4686,7 @@ spec: description: "Colorize the log output" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4689,12 +4725,12 @@ spec: description: "The configuration of Mount trait" properties: configs: - description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" + description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true emptyDirs: @@ -4706,15 +4742,15 @@ spec: description: "Deprecated: no longer in use." type: "boolean" hotReload: - description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata." + description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata." type: "boolean" resources: - description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" + description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" items: type: "string" type: "array" scanKameletsImplicitLabelSecrets: - description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." + description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." type: "boolean" volumes: description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]" @@ -4726,12 +4762,12 @@ spec: description: "The configuration of OpenAPI trait" properties: configmaps: - description: "The configmaps holding the spec of the OpenAPI" + description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4742,7 +4778,7 @@ spec: description: "The configuration of Owner trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4763,44 +4799,44 @@ spec: description: "The configuration of PDB trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxUnavailable: - description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified." + description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified." type: "string" minAvailable: - description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified." + description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified." type: "string" type: "object" platform: description: "The configuration of Platform trait" properties: auto: - description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true createDefault: - description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" enabled: description: "Deprecated: no longer in use." type: "boolean" global: - description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" type: "object" pod: description: "The configuration of Pod trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4811,7 +4847,7 @@ spec: description: "The configuration of Prometheus trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4833,7 +4869,7 @@ spec: description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4850,7 +4886,7 @@ spec: description: "The configuration of Quarkus trait" properties: buildMode: - description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready." + description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready." items: description: "QuarkusMode is the type of Quarkus build packaging." enum: @@ -4859,7 +4895,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4872,9 +4908,9 @@ spec: description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)" type: "string" packageTypes: - description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead." + description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead." items: - description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead." + description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead." enum: - "fast-jar" - "native" @@ -4882,10 +4918,10 @@ spec: type: "array" type: "object" registry: - description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation." + description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation." properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4898,10 +4934,10 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4911,38 +4947,38 @@ spec: description: "To configure the host exposed by the route." type: "string" tlsCACertificate: - description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCACertificateSecret: - description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificate: - description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificateSecret: - description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificate: - description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information." + description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificateSecret: - description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsInsecureEdgeTerminationPolicy: - description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information." + description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "None" - "Allow" - "Redirect" type: "string" tlsKey: - description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsKeySecret: - description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsTermination: - description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "edge" - "reencrypt" @@ -4953,7 +4989,7 @@ spec: description: "The configuration of Security Context trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4980,14 +5016,14 @@ spec: description: "To automatically detect from the code if a Service needs to be created." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" nodePort: - description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead." + description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead." type: "boolean" type: description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'." @@ -5001,7 +5037,7 @@ spec: description: "The configuration of Service Binding trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -5027,7 +5063,7 @@ spec: description: "The configuration of Toleration trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -5101,10 +5137,10 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" + description: "Status is the status of the condition.\nCan be True, False, Unknown.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" type: "string" type: - description: "Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" + description: "Type is the type of the condition.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" type: "string" required: - "status" @@ -5114,7 +5150,7 @@ spec: items: properties: data: - description: "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding." + description: "RawMessage is a raw encoded JSON value.\nIt implements Marshaler and Unmarshaler and can\nbe used to delay JSON decoding or precompute a JSON encoding." x-kubernetes-preserve-unknown-fields: true name: type: "string" @@ -5143,7 +5179,7 @@ spec: type: "object" type: "array" configuration: - description: "Deprecated: a list of configuration specification" + description: "Deprecated:\na list of configuration specification" items: description: "ConfigurationSpec represents a generic configuration specification." properties: @@ -5190,7 +5226,7 @@ spec: description: "True if the spec is generated from a Kamelet" type: "boolean" interceptors: - description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources" + description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources" items: type: "string" type: "array" @@ -5198,7 +5234,7 @@ spec: description: "specify which is the language (Camel DSL) used to interpret this source code" type: "string" loader: - description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime" + description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime" type: "string" name: description: "the name of the specification" @@ -5230,24 +5266,25 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" lastInitTimestamp: description: "the timestamp representing the last time when this integration was initialized." format: "date-time" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/kamelets.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/kamelets.yaml index f7a98bd35..5ccdbbdcc 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/kamelets.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/kamelets.yaml @@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" - labels: - app: "camel-k" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "kamelets.camel.apache.org" spec: group: "camel.apache.org" @@ -31,10 +29,10 @@ spec: description: "Kamelet is the Schema for the kamelets API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -109,7 +107,7 @@ spec: description: type: "string" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true externalDocs: description: "ExternalDocumentation allows referencing an external resource for extended documentation." @@ -133,18 +131,18 @@ spec: type: "string" enum: items: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true type: "array" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true exclusiveMaximum: type: "boolean" exclusiveMinimum: type: "boolean" format: - description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." + description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." type: "string" id: type: "string" @@ -219,7 +217,7 @@ spec: description: type: "string" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true externalDocs: description: "ExternalDocumentation allows referencing an external resource for extended documentation." @@ -243,18 +241,18 @@ spec: type: "string" enum: items: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true type: "array" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true exclusiveMaximum: type: "boolean" exclusiveMinimum: type: "boolean" format: - description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." + description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." type: "string" id: type: "string" @@ -340,7 +338,7 @@ spec: description: "True if the spec is generated from a Kamelet" type: "boolean" interceptors: - description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources" + description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources" items: type: "string" type: "array" @@ -348,7 +346,7 @@ spec: description: "specify which is the language (Camel DSL) used to interpret this source code" type: "string" loader: - description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime" + description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime" type: "string" name: description: "the name of the specification" @@ -376,7 +374,7 @@ spec: x-kubernetes-preserve-unknown-fields: true types: additionalProperties: - description: "EventTypeSpec represents a specification for an event type. Deprecated: In favor of using DataTypeSpec." + description: "EventTypeSpec represents a specification for an event type.\nDeprecated: In favor of using DataTypeSpec." properties: mediaType: description: "media type as expected for HTTP media types (ie, application/json)" @@ -390,7 +388,7 @@ spec: description: type: "string" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true externalDocs: description: "ExternalDocumentation allows referencing an external resource for extended documentation." @@ -414,18 +412,18 @@ spec: type: "string" enum: items: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true type: "array" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true exclusiveMaximum: type: "boolean" exclusiveMinimum: type: "boolean" format: - description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." + description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." type: "string" id: type: "string" @@ -483,13 +481,13 @@ spec: type: "string" type: "object" type: "object" - description: "data specification types for the events consumed/produced by the Kamelet Deprecated: In favor of using DataTypes" + description: "data specification types for the events consumed/produced by the Kamelet\nDeprecated: In favor of using DataTypes" type: "object" type: "object" status: default: phase: "Ready" - description: "the actual status of the resource Deprecated no longer in use" + description: "the actual status of the resource\nDeprecated no longer in use" properties: conditions: description: "Conditions --" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml index 3257ad9fb..2f47e9b89 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1/pipes.yaml @@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" - labels: - app: "camel-k" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "pipes.camel.apache.org" spec: group: "camel.apache.org" @@ -35,10 +33,10 @@ spec: description: "Pipe is the Schema for the Pipe API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -50,10 +48,10 @@ spec: type: "object" x-kubernetes-preserve-unknown-fields: true integration: - description: "Integration is an optional integration used to specify custom parameters Deprecated don't use this. Use trait annotations if you need to change any cluster configuration." + description: "Integration is an optional integration used to specify custom parameters\nDeprecated don't use this. Use trait annotations if you need to change any cluster configuration." properties: configuration: - description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes" + description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes" items: description: "ConfigurationSpec represents a generic configuration specification." properties: @@ -87,24 +85,25 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" profile: description: "the profile needed to run this Integration" type: "string" @@ -144,7 +143,7 @@ spec: description: "True if the spec is generated from a Kamelet" type: "boolean" interceptors: - description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources" + description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources" items: type: "string" type: "array" @@ -152,7 +151,7 @@ spec: description: "specify which is the language (Camel DSL) used to interpret this source code" type: "string" loader: - description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime" + description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime" type: "string" name: description: "the name of the specification" @@ -193,17 +192,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -211,7 +210,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -223,7 +222,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -231,8 +230,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -243,8 +243,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -262,6 +263,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -269,7 +271,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -277,13 +279,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -291,12 +294,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -304,31 +308,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -337,7 +342,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -345,7 +350,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -362,10 +367,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -381,7 +386,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -390,20 +395,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -412,7 +417,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -420,7 +425,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -437,10 +442,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -456,7 +461,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -465,7 +470,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -473,19 +478,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -496,7 +501,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -505,7 +510,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -513,7 +518,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -530,24 +535,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -560,45 +565,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -609,19 +614,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -632,7 +637,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -641,7 +646,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -649,7 +654,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -666,24 +671,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -696,17 +701,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -716,10 +721,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -728,15 +733,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -752,7 +757,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -761,20 +766,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -790,27 +795,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -826,48 +831,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -878,7 +883,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -887,7 +892,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -895,7 +900,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -912,24 +917,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -942,34 +947,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -988,27 +993,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1016,7 +1021,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -1028,20 +1033,20 @@ spec: ephemeralContainers: description: "EphemeralContainers" items: - description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. \n To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted." + description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted." properties: args: - description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -1049,7 +1054,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -1061,7 +1066,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1069,8 +1074,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1081,8 +1087,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1100,6 +1107,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -1107,7 +1115,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1115,13 +1123,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -1129,12 +1138,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -1142,31 +1152,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images" + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images" type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: description: "Lifecycle is not allowed for ephemeral containers." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -1175,7 +1186,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1183,7 +1194,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1200,10 +1211,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -1219,7 +1230,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1228,20 +1239,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -1250,7 +1261,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1258,7 +1269,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1275,10 +1286,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -1294,7 +1305,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1303,7 +1314,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1317,13 +1328,13 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1334,7 +1345,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1343,7 +1354,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1351,7 +1362,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1368,24 +1379,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1398,22 +1409,22 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers." + description: "Name of the ephemeral container specified as a DNS_LABEL.\nThis name must be unique among all containers, init containers and ephemeral containers." type: "string" ports: description: "Ports are not allowed for ephemeral containers." @@ -1421,22 +1432,22 @@ spec: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -1453,13 +1464,13 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1470,7 +1481,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1479,7 +1490,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1487,7 +1498,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1504,24 +1515,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1534,17 +1545,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -1554,10 +1565,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -1566,15 +1577,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod." + description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources\nalready allocated to the pod." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1590,7 +1601,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1599,20 +1610,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers." + description: "Restart policy for the container to manage the restart behavior of each\ncontainer within a pod.\nThis may only be set for init containers. You cannot set this field on\nephemeral containers." type: "string" securityContext: - description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext." + description: "Optional: SecurityContext defines the security options the ephemeral container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext." properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -1628,27 +1639,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -1664,31 +1675,31 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -1699,13 +1710,13 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1716,7 +1727,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1725,7 +1736,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1733,7 +1744,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1750,24 +1761,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1780,37 +1791,37 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" targetContainerName: - description: "If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. \n The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined." + description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined." type: "string" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -1829,27 +1840,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1857,7 +1868,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -1869,17 +1880,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -1887,7 +1898,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -1899,7 +1910,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1907,8 +1918,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1919,8 +1931,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1938,6 +1951,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -1945,7 +1959,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1953,13 +1967,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -1967,12 +1982,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -1980,31 +1996,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2013,7 +2030,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2021,7 +2038,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2038,10 +2055,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -2057,7 +2074,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2066,20 +2083,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2088,7 +2105,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2096,7 +2113,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2113,10 +2130,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -2132,7 +2149,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2141,7 +2158,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2149,19 +2166,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2172,7 +2189,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2181,7 +2198,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2189,7 +2206,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2206,24 +2223,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2236,45 +2253,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -2285,19 +2302,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2308,7 +2325,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2317,7 +2334,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2325,7 +2342,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2342,24 +2359,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2372,17 +2389,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -2392,10 +2409,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -2404,15 +2421,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2428,7 +2445,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2437,20 +2454,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -2466,27 +2483,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -2502,48 +2519,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2554,7 +2571,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2563,7 +2580,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2571,7 +2588,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2588,24 +2605,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2618,34 +2635,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -2664,27 +2681,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2692,7 +2709,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -2710,25 +2727,25 @@ spec: description: "PodSecurityContext" properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -2744,25 +2761,25 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -2778,19 +2795,19 @@ spec: type: "object" type: "array" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -2804,21 +2821,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2830,34 +2847,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -2871,20 +2889,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -2902,13 +2920,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -2918,7 +2936,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -2934,7 +2952,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -2942,42 +2960,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -2986,11 +3006,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -2998,11 +3018,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3010,35 +3030,37 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" csi: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -3047,7 +3069,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -3067,15 +3089,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3093,47 +3116,48 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3145,11 +3169,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3158,14 +3183,14 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -3174,7 +3199,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3183,7 +3208,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3192,16 +3217,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3213,17 +3238,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -3237,14 +3263,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -3252,19 +3278,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -3272,15 +3298,16 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "driver" type: "object" @@ -3288,36 +3315,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -3329,35 +3356,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -3366,38 +3393,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -3405,32 +3433,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -3439,7 +3467,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -3451,10 +3479,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -3466,7 +3494,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -3475,24 +3503,24 @@ spec: description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3504,20 +3532,21 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." type: "boolean" path: description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" @@ -3526,7 +3555,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3534,11 +3563,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3546,12 +3575,13 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -3572,15 +3602,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3598,6 +3629,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -3607,7 +3639,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3615,11 +3647,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3627,24 +3659,25 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -3656,19 +3689,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -3678,37 +3711,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -3718,7 +3752,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -3727,20 +3761,21 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" sslEnabled: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -3749,7 +3784,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -3757,14 +3792,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3772,11 +3807,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3787,37 +3822,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -3863,7 +3899,7 @@ spec: description: "The configuration of Affinity trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -3878,7 +3914,7 @@ spec: description: "Always co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with." items: type: "string" type: "array" @@ -3886,7 +3922,7 @@ spec: description: "Never co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAntiAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with." items: type: "string" type: "array" @@ -3900,10 +3936,10 @@ spec: description: "When using `pod` strategy, annotation to use for the builder pod." type: "object" baseImage: - description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)." + description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -3913,13 +3949,13 @@ spec: description: "Use the incremental image build option, to reuse existing containers (default `true`)" type: "boolean" limitCPU: - description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" limitMemory: - description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" mavenProfiles: - description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." + description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." items: type: "string" type: "array" @@ -3946,10 +3982,10 @@ spec: type: "string" type: "array" requestCPU: - description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" requestMemory: - description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" strategy: description: "The strategy to use, either `pod` or `routine` (default `routine`)" @@ -3963,7 +3999,7 @@ spec: type: "string" type: "array" tasksFilter: - description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy." + description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy." type: "string" tasksLimitCPU: description: "A list of limit cpu configuration for the specific task with format `:`." @@ -3986,14 +4022,14 @@ spec: type: "string" type: "array" verbose: - description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use" + description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use" type: "boolean" type: "object" camel: description: "The configuration of Camel trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4005,7 +4041,7 @@ spec: type: "string" type: "array" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster." + description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." type: "string" type: "object" container: @@ -4030,7 +4066,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4040,7 +4076,7 @@ spec: description: "Can be used to enable/disable exposure via kubernetes Service." type: "boolean" image: - description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." + description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." type: "string" imagePullPolicy: description: "The pull policy: Always|Never|IfNotPresent" @@ -4094,41 +4130,41 @@ spec: description: "The configuration of Cron trait" properties: activeDeadlineSeconds: - description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s." + description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s." format: "int64" type: "integer" auto: - description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)." + description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)." type: "boolean" backoffLimit: - description: "Specifies the number of retries before marking the job failed. It defaults to 2." + description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2." format: "int32" type: "integer" components: - description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`." + description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`." type: "string" concurrencyPolicy: - description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one" + description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one" enum: - "Allow" - "Forbid" - "Replace" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" fallback: - description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob." + description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob." type: "boolean" schedule: - description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly." + description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly." type: "string" startingDeadlineSeconds: - description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones." + description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones." format: "int64" type: "integer" timeZone: @@ -4139,7 +4175,7 @@ spec: description: "The configuration of Dependencies trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4150,7 +4186,7 @@ spec: description: "The configuration of Deployer trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4164,34 +4200,34 @@ spec: - "knative-service" type: "string" useSSA: - description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." + description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." type: "boolean" type: "object" deployment: description: "The configuration of Deployment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Deprecated: no longer in use." type: "boolean" progressDeadlineSeconds: - description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`." + description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`." format: "int32" type: "integer" rollingUpdateMaxSurge: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`." + description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`." x-kubernetes-int-or-string: true rollingUpdateMaxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`." x-kubernetes-int-or-string: true strategy: description: "The deployment strategy to use to replace existing pods with new ones." @@ -4204,7 +4240,7 @@ spec: description: "The configuration of Environment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true containerMeta: @@ -4217,7 +4253,7 @@ spec: description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)" type: "boolean" vars: - description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables." + description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables." items: type: "string" type: "array" @@ -4226,7 +4262,7 @@ spec: description: "The configuration of Error Handler trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4240,11 +4276,11 @@ spec: description: "The configuration of GC trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." enum: - "disabled" - "disk" @@ -4258,7 +4294,7 @@ spec: description: "The configuration of Health trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4358,13 +4394,13 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" + description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" type: "object" auto: description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4377,7 +4413,7 @@ spec: description: "To configure the path exposed by the ingress (default `/`)." type: "string" pathType: - description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." + description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." enum: - "Exact" - "Prefix" @@ -4399,7 +4435,7 @@ spec: description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4413,15 +4449,15 @@ spec: description: "The configuration of Jolokia trait" properties: CACert: - description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." + description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." type: "string" clientPrincipal: - description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." + description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryEnabled: @@ -4431,13 +4467,13 @@ spec: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" extendedClientCheck: - description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)." + description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)." type: "boolean" host: - description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)." + description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)." type: "string" options: - description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" + description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" items: type: "string" type: "array" @@ -4464,7 +4500,7 @@ spec: description: "Additional JVM classpath (use `Linux` classpath separator)" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true debug: @@ -4488,7 +4524,7 @@ spec: type: "string" type: "array" printCommand: - description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use." + description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use." type: "boolean" type: "object" kamelets: @@ -4498,7 +4534,7 @@ spec: description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4528,12 +4564,12 @@ spec: description: "Enable automatic discovery of all trait properties." type: "boolean" channelSinks: - description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" channelSources: - description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" @@ -4541,14 +4577,14 @@ spec: description: "Can be used to inject a Knative complete configuration in JSON format." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" endpointSinks: - description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs." + description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs." items: type: "string" type: "array" @@ -4558,31 +4594,31 @@ spec: type: "string" type: "array" eventSinks: - description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)." + description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)." items: type: "string" type: "array" eventSources: - description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." + description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." items: type: "string" type: "array" filterEventType: - description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" + description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" type: "boolean" filterSourceChannels: - description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default." + description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default." type: "boolean" filters: - description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration." + description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration." items: type: "string" type: "array" namespaceLabel: - description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" + description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" type: "boolean" sinkBinding: - description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)." + description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)." type: "boolean" type: "object" knative-service: @@ -4591,45 +4627,45 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" auto: - description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" + description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" type: "boolean" autoscalingMetric: - description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information." type: "string" autoscalingTarget: - description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information." + description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information." type: "integer" class: - description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information." enum: - "kpa.autoscaling.knative.dev" - "hpa.autoscaling.knative.dev" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxScale: - description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information." + description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information." type: "integer" minScale: - description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information." + description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information." type: "integer" rolloutDuration: - description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision." + description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision." type: "string" timeoutSeconds: - description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information." + description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information." format: "int64" type: "integer" visibility: - description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information." + description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information." enum: - "cluster-local" type: "string" @@ -4641,7 +4677,7 @@ spec: description: "Colorize the log output" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4680,12 +4716,12 @@ spec: description: "The configuration of Mount trait" properties: configs: - description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" + description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true emptyDirs: @@ -4697,15 +4733,15 @@ spec: description: "Deprecated: no longer in use." type: "boolean" hotReload: - description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata." + description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata." type: "boolean" resources: - description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" + description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" items: type: "string" type: "array" scanKameletsImplicitLabelSecrets: - description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." + description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." type: "boolean" volumes: description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]" @@ -4717,12 +4753,12 @@ spec: description: "The configuration of OpenAPI trait" properties: configmaps: - description: "The configmaps holding the spec of the OpenAPI" + description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4733,7 +4769,7 @@ spec: description: "The configuration of Owner trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4754,44 +4790,44 @@ spec: description: "The configuration of PDB trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxUnavailable: - description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified." + description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified." type: "string" minAvailable: - description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified." + description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified." type: "string" type: "object" platform: description: "The configuration of Platform trait" properties: auto: - description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true createDefault: - description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" enabled: description: "Deprecated: no longer in use." type: "boolean" global: - description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" type: "object" pod: description: "The configuration of Pod trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4802,7 +4838,7 @@ spec: description: "The configuration of Prometheus trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4824,7 +4860,7 @@ spec: description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4841,7 +4877,7 @@ spec: description: "The configuration of Quarkus trait" properties: buildMode: - description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready." + description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready." items: description: "QuarkusMode is the type of Quarkus build packaging." enum: @@ -4850,7 +4886,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4863,9 +4899,9 @@ spec: description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)" type: "string" packageTypes: - description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead." + description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead." items: - description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead." + description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead." enum: - "fast-jar" - "native" @@ -4873,10 +4909,10 @@ spec: type: "array" type: "object" registry: - description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation." + description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation." properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4889,10 +4925,10 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4902,38 +4938,38 @@ spec: description: "To configure the host exposed by the route." type: "string" tlsCACertificate: - description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCACertificateSecret: - description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificate: - description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificateSecret: - description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificate: - description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information." + description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificateSecret: - description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsInsecureEdgeTerminationPolicy: - description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information." + description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "None" - "Allow" - "Redirect" type: "string" tlsKey: - description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsKeySecret: - description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsTermination: - description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "edge" - "reencrypt" @@ -4944,7 +4980,7 @@ spec: description: "The configuration of Security Context trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4971,14 +5007,14 @@ spec: description: "To automatically detect from the code if a Service needs to be created." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" nodePort: - description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead." + description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead." type: "boolean" type: description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'." @@ -4992,7 +5028,7 @@ spec: description: "The configuration of Service Binding trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -5018,7 +5054,7 @@ spec: description: "The configuration of Toleration trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -5076,24 +5112,25 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" uri: description: "URI can be used to specify the (Camel) endpoint explicitly" type: "string" @@ -5125,24 +5162,25 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" uri: description: "URI can be used to specify the (Camel) endpoint explicitly" type: "string" @@ -5176,24 +5214,25 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" uri: description: "URI can be used to specify the (Camel) endpoint explicitly" type: "string" @@ -5241,10 +5280,10 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" + description: "Status is the status of the condition.\nCan be True, False, Unknown.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" type: "string" type: - description: "Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" + description: "Type is the type of the condition.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" type: "string" required: - "status" @@ -5254,7 +5293,7 @@ spec: items: properties: data: - description: "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding." + description: "RawMessage is a raw encoded JSON value.\nIt implements Marshaler and Unmarshaler and can\nbe used to delay JSON decoding or precompute a JSON encoding." x-kubernetes-preserve-unknown-fields: true name: type: "string" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml index cde47d535..606d2eb11 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kameletbindings.yaml @@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" - labels: - app: "camel-k" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "kameletbindings.camel.apache.org" spec: group: "camel.apache.org" @@ -37,10 +35,10 @@ spec: description: "KameletBinding is the Schema for the kamelets binding API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -55,7 +53,7 @@ spec: description: "Integration is an optional integration used to specify custom parameters" properties: configuration: - description: "Deprecated: Use camel trait (camel.properties) to manage properties Use mount trait (mount.configs) to manage configs Use mount trait (mount.resources) to manage resources Use mount trait (mount.volumes) to manage volumes" + description: "Deprecated:\nUse camel trait (camel.properties) to manage properties\nUse mount trait (mount.configs) to manage configs\nUse mount trait (mount.resources) to manage resources\nUse mount trait (mount.volumes) to manage volumes" items: description: "ConfigurationSpec represents a generic configuration specification." properties: @@ -89,24 +87,25 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" profile: description: "the profile needed to run this Integration" type: "string" @@ -146,7 +145,7 @@ spec: description: "True if the spec is generated from a Kamelet" type: "boolean" interceptors: - description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources" + description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources" items: type: "string" type: "array" @@ -154,7 +153,7 @@ spec: description: "specify which is the language (Camel DSL) used to interpret this source code" type: "string" loader: - description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime" + description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime" type: "string" name: description: "the name of the specification" @@ -195,17 +194,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -213,7 +212,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -225,7 +224,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -233,8 +232,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -245,8 +245,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -264,6 +265,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -271,7 +273,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -279,13 +281,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -293,12 +296,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -306,31 +310,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -339,7 +344,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -347,7 +352,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -364,10 +369,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -383,7 +388,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -392,20 +397,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -414,7 +419,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -422,7 +427,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -439,10 +444,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -458,7 +463,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -467,7 +472,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -475,19 +480,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -498,7 +503,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -507,7 +512,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -515,7 +520,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -532,24 +537,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -562,45 +567,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -611,19 +616,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -634,7 +639,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -643,7 +648,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -651,7 +656,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -668,24 +673,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -698,17 +703,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -718,10 +723,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -730,15 +735,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -754,7 +759,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -763,20 +768,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -792,27 +797,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -828,48 +833,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -880,7 +885,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -889,7 +894,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -897,7 +902,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -914,24 +919,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -944,34 +949,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -990,27 +995,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1018,7 +1023,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -1030,20 +1035,20 @@ spec: ephemeralContainers: description: "EphemeralContainers" items: - description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for user-initiated activities such as debugging. Ephemeral containers have no resource or scheduling guarantees, and they will not be restarted when they exit or when a Pod is removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the Pod to exceed its resource allocation. \n To add an ephemeral container, use the ephemeralcontainers subresource of an existing Pod. Ephemeral containers may not be removed or restarted." + description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted." properties: args: - description: "Arguments to the entrypoint. The image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -1051,7 +1056,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -1063,7 +1068,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1071,8 +1076,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1083,8 +1089,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1102,6 +1109,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -1109,7 +1117,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1117,13 +1125,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -1131,12 +1140,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -1144,31 +1154,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images" + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images" type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: description: "Lifecycle is not allowed for ephemeral containers." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -1177,7 +1188,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1185,7 +1196,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1202,10 +1213,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -1221,7 +1232,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1230,20 +1241,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -1252,7 +1263,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1260,7 +1271,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1277,10 +1288,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -1296,7 +1307,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -1305,7 +1316,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -1319,13 +1330,13 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1336,7 +1347,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1345,7 +1356,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1353,7 +1364,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1370,24 +1381,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1400,22 +1411,22 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the ephemeral container specified as a DNS_LABEL. This name must be unique among all containers, init containers and ephemeral containers." + description: "Name of the ephemeral container specified as a DNS_LABEL.\nThis name must be unique among all containers, init containers and ephemeral containers." type: "string" ports: description: "Ports are not allowed for ephemeral containers." @@ -1423,22 +1434,22 @@ spec: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -1455,13 +1466,13 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1472,7 +1483,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1481,7 +1492,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1489,7 +1500,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1506,24 +1517,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1536,17 +1547,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -1556,10 +1567,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -1568,15 +1579,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources already allocated to the pod." + description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources\nalready allocated to the pod." properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -1592,7 +1603,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -1601,20 +1612,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "Restart policy for the container to manage the restart behavior of each container within a pod. This may only be set for init containers. You cannot set this field on ephemeral containers." + description: "Restart policy for the container to manage the restart behavior of each\ncontainer within a pod.\nThis may only be set for init containers. You cannot set this field on\nephemeral containers." type: "string" securityContext: - description: "Optional: SecurityContext defines the security options the ephemeral container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext." + description: "Optional: SecurityContext defines the security options the ephemeral container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext." properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -1630,27 +1641,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -1666,31 +1677,31 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -1701,13 +1712,13 @@ spec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -1718,7 +1729,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -1727,7 +1738,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -1735,7 +1746,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -1752,24 +1763,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -1782,37 +1793,37 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" targetContainerName: - description: "If set, the name of the container from PodSpec that this ephemeral container targets. The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. If not set then the ephemeral container uses the namespaces configured in the Pod spec. \n The container runtime must implement support for this feature. If the runtime does not support namespace targeting then the result of setting this field is undefined." + description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined." type: "string" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -1831,27 +1842,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -1859,7 +1870,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -1871,17 +1882,17 @@ spec: description: "A single application container that you want to run within a pod." properties: args: - description: "Arguments to the entrypoint. The container image's CMD is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" command: - description: "Entrypoint array. Not executed within a shell. The container image's ENTRYPOINT is used if this is not provided. Variable references $(VAR_NAME) are expanded using the container's environment. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Cannot be updated. More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" + description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" env: - description: "List of environment variables to set in the container. Cannot be updated." + description: "List of environment variables to set in the container.\nCannot be updated." items: description: "EnvVar represents an environment variable present in a Container." properties: @@ -1889,7 +1900,7 @@ spec: description: "Name of the environment variable. Must be a C_IDENTIFIER." type: "string" value: - description: "Variable references $(VAR_NAME) are expanded using the previously defined environment variables in the container and any service environment variables. If a variable cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless of whether the variable exists or not. Defaults to \"\"." + description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." type: "string" valueFrom: description: "Source for the environment variable's value. Cannot be used if value is not empty." @@ -1901,7 +1912,7 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1909,8 +1920,9 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." + description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -1921,8 +1933,9 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -1940,6 +1953,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" secretKeyRef: description: "Selects a key of a secret in the pod's namespace" properties: @@ -1947,7 +1961,7 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1955,13 +1969,14 @@ spec: required: - "key" type: "object" + x-kubernetes-map-type: "atomic" type: "object" required: - "name" type: "object" type: "array" envFrom: - description: "List of sources to populate environment variables in the container. The keys defined within a source must be a C_IDENTIFIER. All invalid keys will be reported as an event when the container is starting. When a key exists in multiple sources, the value associated with the last source will take precedence. Values defined by an Env with a duplicate key will take precedence. Cannot be updated." + description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: description: "EnvFromSource represents the source of a set of ConfigMaps" properties: @@ -1969,12 +1984,13 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the ConfigMap must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" prefix: description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." type: "string" @@ -1982,31 +1998,32 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "Specify whether the Secret must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" type: "object" type: "array" image: - description: "Container image name. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets." + description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" imagePullPolicy: - description: "Image pull policy. One of Always, Never, IfNotPresent. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. Cannot be updated. More info: https://kubernetes.io/docs/concepts/containers/images#updating-images" + description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" type: "string" lifecycle: - description: "Actions that the management system should take in response to container lifecycle events. Cannot be updated." + description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." properties: postStart: - description: "PostStart is called immediately after a container is created. If the handler fails, the container is terminated and restarted according to its restart policy. Other management of the container blocks until the hook completes. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2015,7 +2032,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2023,7 +2040,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2040,10 +2057,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -2059,7 +2076,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2068,20 +2085,20 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" type: "object" preStop: - description: "PreStop is called immediately before a container is terminated due to an API request or management event such as liveness/startup probe failure, preemption, resource contention, etc. The handler is not called if the container crashes or exits. The Pod's termination grace period countdown begins before the PreStop hook is executed. Regardless of the outcome of the handler, the container will eventually terminate within the Pod's termination grace period (unless delayed by finalizers). Other management of the container blocks until the hook completes or until the termination grace period is reached. More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" + description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" @@ -2090,7 +2107,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2098,7 +2115,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2115,10 +2132,10 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" @@ -2134,7 +2151,7 @@ spec: - "seconds" type: "object" tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified." + description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: host: description: "Optional: Host name to connect to, defaults to the pod IP." @@ -2143,7 +2160,7 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" @@ -2151,19 +2168,19 @@ spec: type: "object" type: "object" livenessProbe: - description: "Periodic probe of container liveness. Container will be restarted if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2174,7 +2191,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2183,7 +2200,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2191,7 +2208,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2208,24 +2225,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2238,45 +2255,45 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" name: - description: "Name of the container specified as a DNS_LABEL. Each container in a pod must have a unique name (DNS_LABEL). Cannot be updated." + description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." type: "string" ports: - description: "List of ports to expose from the container. Not specifying a port here DOES NOT prevent that port from being exposed. Any port which is listening on the default \"0.0.0.0\" address inside a container will be accessible from the network. Modifying this array with strategic merge patch may corrupt the data. For more information See https://github.com/kubernetes/kubernetes/issues/108255. Cannot be updated." + description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." items: description: "ContainerPort represents a network port in a single container." properties: containerPort: - description: "Number of port to expose on the pod's IP address. This must be a valid port number, 0 < x < 65536." + description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." format: "int32" type: "integer" hostIP: description: "What host IP to bind the external port to." type: "string" hostPort: - description: "Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536. If HostNetwork is specified, this must match ContainerPort. Most containers do not need this." + description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." format: "int32" type: "integer" name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each named port in a pod must have a unique name. Name for the port that can be referred to by services." + description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." type: "string" protocol: default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP. Defaults to \"TCP\"." + description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." type: "string" required: - "containerPort" @@ -2287,19 +2304,19 @@ spec: - "protocol" x-kubernetes-list-type: "map" readinessProbe: - description: "Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2310,7 +2327,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2319,7 +2336,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2327,7 +2344,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2344,24 +2361,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2374,17 +2391,17 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" @@ -2394,10 +2411,10 @@ spec: description: "ContainerResizePolicy represents resource resize policy for the container." properties: resourceName: - description: "Name of the resource to which this resource resize policy applies. Supported values: cpu, memory." + description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." type: "string" restartPolicy: - description: "Restart policy to apply when specified resource is resized. If not specified, it defaults to NotRequired." + description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." type: "string" required: - "resourceName" @@ -2406,15 +2423,15 @@ spec: type: "array" x-kubernetes-list-type: "atomic" resources: - description: "Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" properties: claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. \n This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. \n This field is immutable. It can only be set for containers." + description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." items: description: "ResourceClaim references one entry in PodSpec.ResourceClaims." properties: name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container." + description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." type: "string" required: - "name" @@ -2430,7 +2447,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -2439,20 +2456,20 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is \"Always\". For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as \"Always\" for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy \"Always\" will be shut down. This lifecycle differs from normal init containers and is often referred to as a \"sidecar\" container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed." + description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." type: "string" securityContext: - description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" + description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" properties: allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows." + description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" capabilities: - description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows." + description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: add: description: "Added capabilities" @@ -2468,27 +2485,27 @@ spec: type: "array" type: "object" privileged: - description: "Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows." + description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" procMount: - description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows." + description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." type: "string" readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows." + description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to the container. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -2504,48 +2521,48 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" properties: exec: description: "Exec specifies the action to take." properties: command: - description: "Command is the command line to execute inside the container, the working directory for the command is root ('/') in the container's filesystem. The command is simply exec'd, it is not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use a shell, you need to explicitly call out to that shell. Exit status of 0 is treated as live/healthy and non-zero is unhealthy." + description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." items: type: "string" type: "array" type: "object" failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded. Defaults to 3. Minimum value is 1." + description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." format: "int32" type: "integer" grpc: @@ -2556,7 +2573,7 @@ spec: format: "int32" type: "integer" service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). \n If this is not specified, the default behavior is defined by gRPC." + description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." type: "string" required: - "port" @@ -2565,7 +2582,7 @@ spec: description: "HTTPGet specifies the http request to perform." properties: host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set \"Host\" in httpHeaders instead." + description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." type: "string" httpHeaders: description: "Custom headers to set in the request. HTTP allows repeated headers." @@ -2573,7 +2590,7 @@ spec: description: "HTTPHeader describes a custom header to be used in HTTP probes" properties: name: - description: "The header field name. This will be canonicalized upon output, so case-variant names will be understood as the same header." + description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." type: "string" value: description: "The header field value" @@ -2590,24 +2607,24 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Name or number of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true scheme: - description: "Scheme to use for connecting to the host. Defaults to HTTP." + description: "Scheme to use for connecting to the host.\nDefaults to HTTP." type: "string" required: - "port" type: "object" initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" periodSeconds: - description: "How often (in seconds) to perform the probe. Default to 10 seconds. Minimum value is 1." + description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." format: "int32" type: "integer" successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed. Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1." + description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." format: "int32" type: "integer" tcpSocket: @@ -2620,34 +2637,34 @@ spec: anyOf: - type: "integer" - type: "string" - description: "Number or name of the port to access on the container. Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME." + description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." x-kubernetes-int-or-string: true required: - "port" type: "object" terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure. The grace period is the duration in seconds after the processes running in the pod are sent a termination signal and the time when the processes are forcibly halted with a kill signal. Set this value longer than the expected cleanup time for your process. If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this value overrides the value provided by the pod spec. Value must be non-negative integer. The value zero indicates stop immediately via the kill signal (no opportunity to shut down). This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset." + description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." format: "int64" type: "integer" timeoutSeconds: - description: "Number of seconds after which the probe times out. Defaults to 1 second. Minimum value is 1. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" + description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" format: "int32" type: "integer" type: "object" stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false." + description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." type: "boolean" stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by a single attach. When stdin is true the stdin stream will remain open across multiple attach sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the first client attaches to stdin, and then remains open and accepts data until the client disconnects, at which time stdin is closed and remains closed until the container is restarted. If this flag is false, a container processes that reads from stdin will never receive an EOF. Default is false" + description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" type: "boolean" terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message will be written is mounted into the container's filesystem. Message written is intended to be brief final status, such as an assertion failure message. Will be truncated by the node if greater than 4096 bytes. The total message length across all containers will be limited to 12kb. Defaults to /dev/termination-log. Cannot be updated." + description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." type: "string" terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of terminationMessagePath to populate the container status message on both success and failure. FallbackToLogsOnError will use the last chunk of container log output if the termination message file is empty and the container exited with an error. The log output is limited to 2048 bytes or 80 lines, whichever is smaller. Defaults to File. Cannot be updated." + description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." type: "string" tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. Default is false." + description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." type: "boolean" volumeDevices: description: "volumeDevices is the list of block devices to be used by the container." @@ -2666,27 +2683,27 @@ spec: type: "object" type: "array" volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Cannot be updated." + description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: description: "VolumeMount describes a mounting of a Volume within a container." properties: mountPath: - description: "Path within the container at which the volume should be mounted. Must not contain ':'." + description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." type: "string" name: description: "This must match the Name of a Volume." type: "string" readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false." + description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" subPath: - description: "Path within the volume from which the container's volume should be mounted. Defaults to \"\" (volume's root)." + description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to \"\" (volume's root). SubPathExpr and SubPath are mutually exclusive." + description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." type: "string" required: - "mountPath" @@ -2694,7 +2711,7 @@ spec: type: "object" type: "array" workingDir: - description: "Container's working directory. If not specified, the container runtime's default will be used, which might be configured in the container image. Cannot be updated." + description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" required: - "name" @@ -2712,25 +2729,25 @@ spec: description: "PodSecurityContext" properties: fsGroup: - description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: \n 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- \n If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows." + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used. Note that this field cannot be set when spec.os.name is windows." + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." type: "string" runAsGroup: - description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" runAsNonRoot: - description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "boolean" runAsUser: - description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" type: "integer" seLinuxOptions: - description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows." + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." properties: level: description: "Level is SELinux level label that applies to the container." @@ -2746,25 +2763,25 @@ spec: type: "string" type: "object" seccompProfile: - description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows." + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." properties: localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is \"Localhost\". Must NOT be set for any other type." + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." type: "string" type: - description: "type indicates which kind of seccomp profile will be applied. Valid options are: \n Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied." + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." type: "string" required: - "type" type: "object" supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows." + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." items: format: "int64" type: "integer" type: "array" sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows." + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: description: "Sysctl defines a kernel parameter to be set" properties: @@ -2780,19 +2797,19 @@ spec: type: "object" type: "array" windowsOptions: - description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux." + description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field." + description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." type: "string" gmsaCredentialSpecName: description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." type: "string" hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true." + description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." type: "boolean" runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence." + description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." type: "string" type: "object" type: "object" @@ -2806,21 +2823,21 @@ spec: description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." properties: labelSelector: - description: "LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain." + description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -2832,34 +2849,35 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. \n This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed. When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference between the number of matching pods in the target topology and the global minimum. The global minimum is the minimum number of matching pods in an eligible domain or zero if the number of eligible domains is less than MinDomains. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 2/2/1: In this case, the global minimum is 1. | zone1 | zone2 | zone3 | | P P | P P | P | - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) violate MaxSkew(1). - if MaxSkew is 2, incoming pod can be scheduled onto any zone. When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence to topologies that satisfy it. It's a required field. Default value is 1 and 0 is not allowed." + description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. \n For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. \n This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." format: "int32" type: "integer" nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. \n If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. \n If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." + description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." type: "string" topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key and identical values are considered to be in the same topology. We consider each as a \"bucket\", and try to put balanced number of pods into each bucket. We define a domain as a particular instance of a topology. Also, we define an eligible domain as a domain whose nodes meet the requirements of nodeAffinityPolicy and nodeTaintsPolicy. e.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology. And, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology. It's a required field." + description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." type: "string" whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy the spread constraint. - DoNotSchedule (default) tells the scheduler not to schedule it. - ScheduleAnyway tells the scheduler to schedule the pod in any location, but giving higher precedence to topologies that would help reduce the skew. A constraint is considered \"Unsatisfiable\" for an incoming pod if and only if every possible node assignment for that pod would violate \"MaxSkew\" on some topology. For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same labelSelector spread as 3/1/1: | zone1 | zone2 | zone3 | | P P P | P | P | If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler won't make it *more* imbalanced. It's a required field." + description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." type: "string" required: - "maxSkew" @@ -2873,20 +2891,20 @@ spec: description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." properties: awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." format: "int32" type: "integer" readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "boolean" volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" + description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" type: "string" required: - "volumeID" @@ -2904,13 +2922,13 @@ spec: description: "diskURI is the URI of data disk in the blob storage" type: "string" fsType: - description: "fsType is Filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" kind: description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" required: - "diskName" @@ -2920,7 +2938,7 @@ spec: description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." properties: readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretName: description: "secretName is the name of secret that contains Azure Storage Account Name and Key" @@ -2936,7 +2954,7 @@ spec: description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" properties: monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" items: type: "string" type: "array" @@ -2944,42 +2962,44 @@ spec: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "boolean" secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: - description: "user is optional: User is the rados user name, default is admin More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" + description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" type: "string" required: - "monitors" type: "object" cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "boolean" secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack." + description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeID: - description: "volumeID used to identify the volume in cinder. More info: https://examples.k8s.io/mysql-cinder-pd/README.md" + description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" type: "string" required: - "volumeID" @@ -2988,11 +3008,11 @@ spec: description: "configMap represents a configMap that should populate this volume" properties: defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3000,11 +3020,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3012,35 +3032,37 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" csi: description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." properties: driver: - description: "driver is the name of the CSI driver that handles this volume. Consult with your admin for the correct name as registered in the cluster." + description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." type: "string" fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\". If not provided, the empty value is passed to the associated CSI driver which will determine the default filesystem to apply." + description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." type: "string" nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed." + description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" readOnly: - description: "readOnly specifies a read-only configuration for the volume. Defaults to false (read/write)." + description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." type: "boolean" volumeAttributes: additionalProperties: type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI driver. Consult your driver's documentation for supported values." + description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." type: "object" required: - "driver" @@ -3049,7 +3071,7 @@ spec: description: "downwardAPI represents downward API about the pod that should populate this volume" properties: defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: @@ -3069,15 +3091,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3095,47 +3118,48 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" type: "array" type: "object" emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" properties: medium: - description: "medium represents what type of storage medium should back this directory. The default is \"\" which means to use the node's default medium. Must be an empty string (default) or Memory. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" type: "string" sizeLimit: anyOf: - type: "integer" - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume. The size limit is also applicable for memory medium. The maximum usage on memory medium EmptyDir would be the minimum value between the SizeLimit specified here and the sum of memory limits of all containers in a pod. The default is nil which means that the limit is undefined. More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" + description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true type: "object" ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver. The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, and deleted when the pod is removed. \n Use this if: a) the volume is only needed while the pod runs, b) features of normal volumes like restoring from snapshot or capacity tracking are needed, c) the storage driver is specified through a storage class, and d) the storage driver supports dynamic volume provisioning through a PersistentVolumeClaim (see EphemeralVolumeSource for more information on the connection between this volume type and PersistentVolumeClaim). \n Use PersistentVolumeClaim or one of the vendor-specific APIs for volumes that persist for longer than the lifecycle of an individual pod. \n Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to be used that way - see the documentation of the driver for more information. \n A pod can use both types of ephemeral volumes and persistent volumes at the same time." + description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." properties: volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume. The pod in which this EphemeralVolumeSource is embedded will be the owner of the PVC, i.e. the PVC will be deleted together with the pod. The name of the PVC will be `-` where `` is the name from the `PodSpec.Volumes` array entry. Pod validation will reject the pod if the concatenated name is not valid for a PVC (for example, too long). \n An existing PVC with that name that is not owned by the pod will *not* be used for the pod to avoid using an unrelated volume by mistake. Starting the pod is then blocked until the unrelated PVC is removed. If such a pre-created PVC is meant to be used by the pod, the PVC has to updated with an owner reference to the pod once the pod exists. Normally this should not be necessary, but it may be useful when manually reconstructing a broken cluster. \n This field is read-only and no changes will be made by Kubernetes to the PVC after it has been created. \n Required, must not be nil." + description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." properties: metadata: - description: "May contain labels and annotations that will be copied into the PVC when creating it. No other fields are allowed and will be rejected during validation." + description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." type: "object" spec: - description: "The specification for the PersistentVolumeClaim. The entire content is copied unchanged into the PVC that gets created from this template. The same fields as in a PersistentVolumeClaim are also valid here." + description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." properties: accessModes: - description: "accessModes contains the desired access modes the volume should have. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" + description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" items: type: "string" type: "array" dataSource: - description: "dataSource field can be used to specify either: * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) * An existing PVC (PersistentVolumeClaim) If the provisioner or an external controller can support the specified data source, it will create a new volume based on the contents of the specified data source. When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. If the namespace is specified, then dataSourceRef will not be copied to dataSource." + description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3147,11 +3171,12 @@ spec: - "kind" - "name" type: "object" + x-kubernetes-map-type: "atomic" dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty volume is desired. This may be any object from a non-empty API group (non core object) or a PersistentVolumeClaim object. When this field is specified, volume binding will only succeed if the type of the specified object matches some installed volume populator or dynamic provisioner. This field will replace the functionality of the dataSource field and as such if both fields are non-empty, they must have the same value. For backwards compatibility, when namespace isn't specified in dataSourceRef, both fields (dataSource and dataSourceRef) will be set to the same value automatically if one of them is empty and the other is non-empty. When namespace is specified in dataSourceRef, dataSource isn't set to the same value and must be empty. There are three important differences between dataSource and dataSourceRef: * While dataSource only allows two specific types of objects, dataSourceRef allows any non-core object, as well as PersistentVolumeClaim objects. * While dataSource ignores disallowed values (dropping them), dataSourceRef preserves all values, and generates an error if a disallowed value is specified. * While dataSource only allows local objects, dataSourceRef allows objects in any namespaces. (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." properties: apiGroup: - description: "APIGroup is the group for the resource being referenced. If APIGroup is not specified, the specified Kind must be in the core API group. For any other third-party types, APIGroup is required." + description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." type: "string" kind: description: "Kind is the type of resource being referenced" @@ -3160,14 +3185,14 @@ spec: description: "Name is the name of resource being referenced" type: "string" namespace: - description: "Namespace is the namespace of resource being referenced Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." + description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." type: "string" required: - "kind" - "name" type: "object" resources: - description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" + description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: limits: additionalProperties: @@ -3176,7 +3201,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" requests: additionalProperties: @@ -3185,7 +3210,7 @@ spec: - type: "string" pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" + description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" type: "object" type: "object" selector: @@ -3194,16 +3219,16 @@ spec: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3215,17 +3240,18 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" + description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: - description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec." + description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" volumeName: description: "volumeName is the binding reference to the PersistentVolume backing this claim." @@ -3239,14 +3265,14 @@ spec: description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" lun: description: "lun is Optional: FC target lun number" format: "int32" type: "integer" readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" targetWWNs: description: "targetWWNs is Optional: FC target worldwide names (WWNs)" @@ -3254,19 +3280,19 @@ spec: type: "string" type: "array" wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids) Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously." + description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" type: "object" flexVolume: - description: "flexVolume represents a generic volume resource that is provisioned/attached using an exec based plugin." + description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." properties: driver: description: "driver is the name of the driver to use for this volume." type: "string" fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." type: "string" options: additionalProperties: @@ -3274,15 +3300,16 @@ spec: description: "options is Optional: this field holds extra command options if any." type: "object" readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts." + description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" required: - "driver" type: "object" @@ -3290,36 +3317,36 @@ spec: description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" properties: datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker should be considered as deprecated" + description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" type: "string" datasetUUID: description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" type: "string" type: "object" gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" properties: fsType: - description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" partition: - description: "partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as \"1\". Similarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" format: "int32" type: "integer" pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" type: "boolean" required: - "pdName" type: "object" gitRepo: - description: "gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container." + description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." properties: directory: - description: "directory is the target directory name. Must not contain or start with '..'. If '.' is supplied, the volume directory will be the git repository. Otherwise, if specified, the volume will contain the git repository in the subdirectory with the given name." + description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." type: "string" repository: description: "repository is the URL" @@ -3331,35 +3358,35 @@ spec: - "repository" type: "object" glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md" + description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" properties: endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" path: - description: "path is the Glusterfs volume path. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "string" readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions. Defaults to false. More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" + description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" type: "boolean" required: - "endpoints" - "path" type: "object" hostPath: - description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write." + description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." properties: path: - description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" type: - description: "type for HostPath Volume Defaults to \"\" More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" + description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" type: "string" required: - "path" type: "object" iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md" + description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" properties: chapAuthDiscovery: description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" @@ -3368,38 +3395,39 @@ spec: description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" type: "boolean" fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection." + description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." type: "string" iqn: description: "iqn is the target iSCSI Qualified Name." type: "string" iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp)." + description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." type: "string" lun: description: "lun represents iSCSI Target Lun number." format: "int32" type: "integer" portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." items: type: "string" type: "array" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false." + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" secretRef: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260)." + description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." type: "string" required: - "iqn" @@ -3407,32 +3435,32 @@ spec: - "targetPortal" type: "object" name: - description: "name of the volume. Must be a DNS_LABEL and unique within the pod. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" properties: path: - description: "path that is exported by the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "boolean" server: - description: "server is the hostname or IP address of the NFS server. More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" + description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" type: "string" required: - "path" - "server" type: "object" persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" properties: claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" + description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" type: "string" readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts. Default false." + description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." type: "boolean" required: - "claimName" @@ -3441,7 +3469,7 @@ spec: description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" pdID: description: "pdID is the ID that identifies Photon Controller persistent disk" @@ -3453,10 +3481,10 @@ spec: description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" properties: fsType: - description: "fSType represents the filesystem type to mount Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" volumeID: description: "volumeID uniquely identifies a Portworx volume" @@ -3468,7 +3496,7 @@ spec: description: "projected items for all in one resources secrets, configmaps, and downward API" properties: defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" sources: @@ -3477,24 +3505,24 @@ spec: description: "Projection that may be projected along with other supported volume types" properties: clusterTrustBundle: - description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field of ClusterTrustBundle objects in an auto-updating file. \n Alpha, gated by the ClusterTrustBundleProjection feature gate. \n ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. \n Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time." + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." properties: labelSelector: - description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as \"match nothing\". If set but empty, interpreted as \"match everything\"." + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values." + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." properties: key: description: "key is the label key that the selector applies to." type: "string" operator: - description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist." + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." type: "string" values: - description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch." + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." items: type: "string" type: "array" @@ -3506,20 +3534,21 @@ spec: matchLabels: additionalProperties: type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." type: "object" type: "object" + x-kubernetes-map-type: "atomic" name: - description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector." + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." type: "string" optional: - description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles." + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." type: "boolean" path: description: "Relative path from the volume root to write the bundle." type: "string" signerName: - description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated." + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." type: "string" required: - "path" @@ -3528,7 +3557,7 @@ spec: description: "configMap information about the configMap data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3536,11 +3565,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3548,12 +3577,13 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" downwardAPI: description: "downwardAPI information about the downwardAPI data to project" properties: @@ -3574,15 +3604,16 @@ spec: required: - "fieldPath" type: "object" + x-kubernetes-map-type: "atomic" mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" type: "string" resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." + description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." properties: containerName: description: "Container name: required for volumes, optional for env vars" @@ -3600,6 +3631,7 @@ spec: required: - "resource" type: "object" + x-kubernetes-map-type: "atomic" required: - "path" type: "object" @@ -3609,7 +3641,7 @@ spec: description: "secret information about the secret data to project" properties: items: - description: "items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3617,11 +3649,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3629,24 +3661,25 @@ spec: type: "object" type: "array" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" type: "boolean" type: "object" + x-kubernetes-map-type: "atomic" serviceAccountToken: description: "serviceAccountToken is information about the serviceAccountToken data to project" properties: audience: - description: "audience is the intended audience of the token. A recipient of a token must identify itself with an identifier specified in the audience of the token, and otherwise should reject the token. The audience defaults to the identifier of the apiserver." + description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." type: "string" expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service account token. As the token approaches expiration, the kubelet volume plugin will proactively rotate the service account token. The kubelet will start trying to rotate the token if the token is older than 80 percent of its time to live or if the token is older than 24 hours.Defaults to 1 hour and must be at least 10 minutes." + description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." format: "int64" type: "integer" path: - description: "path is the path relative to the mount point of the file to project the token into." + description: "path is the path relative to the mount point of the file to project the\ntoken into." type: "string" required: - "path" @@ -3658,19 +3691,19 @@ spec: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" properties: group: - description: "group to map volume access to Default is no group" + description: "group to map volume access to\nDefault is no group" type: "string" readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions. Defaults to false." + description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." type: "boolean" registry: - description: "registry represents a single or multiple Quobyte Registry services specified as a string as host:port pair (multiple entries are separated with commas) which acts as the central registry for volumes" + description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" type: "string" tenant: - description: "tenant owning the given Quobyte volume in the Backend Used with dynamically provisioned Quobyte volumes, value is set by the plugin" + description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" type: "string" user: - description: "user to map volume access to Defaults to serivceaccount user" + description: "user to map volume access to\nDefaults to serivceaccount user" type: "string" volume: description: "volume is a string that references an already created Quobyte volume by name." @@ -3680,37 +3713,38 @@ spec: - "volume" type: "object" rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md" + description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" properties: fsType: - description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine" + description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" type: "string" image: - description: "image is the rados image name. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" keyring: - description: "keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" monitors: - description: "monitors is a collection of Ceph monitors. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" items: type: "string" type: "array" pool: - description: "pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "boolean" secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" user: - description: "user is the rados user name. Default is admin. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" + description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" required: - "image" @@ -3720,7 +3754,7 @@ spec: description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Default is \"xfs\"." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." type: "string" gateway: description: "gateway is the host address of the ScaleIO API Gateway." @@ -3729,20 +3763,21 @@ spec: description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." type: "string" readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail." + description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" sslEnabled: description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" type: "boolean" storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. Default is ThinProvisioned." + description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." type: "string" storagePool: description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." @@ -3751,7 +3786,7 @@ spec: description: "system is the name of the storage system as configured in ScaleIO." type: "string" volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system that is associated with this volume source." + description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." type: "string" required: - "gateway" @@ -3759,14 +3794,14 @@ spec: - "system" type: "object" secret: - description: "secret represents a secret that should populate this volume. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" properties: defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" items: - description: "items If unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'." + description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." items: description: "Maps a string key to a path within a volume." properties: @@ -3774,11 +3809,11 @@ spec: description: "key is the key to project." type: "string" mode: - description: "mode is Optional: mode bits used to set permissions on this file. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set." + description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." format: "int32" type: "integer" path: - description: "path is the relative path of the file to map the key to. May not be an absolute path. May not contain the path element '..'. May not start with the string '..'." + description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." type: "string" required: - "key" @@ -3789,37 +3824,38 @@ spec: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" secretName: - description: "secretName is the name of the secret in the pod's namespace to use. More info: https://kubernetes.io/docs/concepts/storage/volumes#secret" + description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" type: "string" type: "object" storageos: description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." properties: fsType: - description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts." + description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." type: "boolean" secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted." + description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" type: "string" type: "object" + x-kubernetes-map-type: "atomic" volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume names are only unique within a namespace." + description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." type: "string" volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no namespace is specified then the Pod's namespace will be used. This allows the Kubernetes name scoping to be mirrored within StorageOS for tighter integration. Set VolumeName to any name to override the default behaviour. Set to \"default\" if you are not using namespaces within StorageOS. Namespaces that do not pre-exist within StorageOS will be created." + description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." type: "string" type: "object" vsphereVolume: description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" properties: fsType: - description: "fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." + description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." type: "string" storagePolicyID: description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." @@ -3865,7 +3901,7 @@ spec: description: "The configuration of Affinity trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -3880,7 +3916,7 @@ spec: description: "Always co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should be co-located with." items: type: "string" type: "array" @@ -3888,7 +3924,7 @@ spec: description: "Never co-locates multiple replicas of the integration in the same node (default `false`)." type: "boolean" podAntiAffinityLabels: - description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the integration pod(s) should not be co-located with." + description: "Defines a set of pods (namely those matching the label selector, relative to the given namespace) that the\nintegration pod(s) should not be co-located with." items: type: "string" type: "array" @@ -3902,10 +3938,10 @@ spec: description: "When using `pod` strategy, annotation to use for the builder pod." type: "object" baseImage: - description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK installed and ready to use on path (ie `/usr/bin/java`)." + description: "Specify a base image. In order to have the application working properly it must be a container image which has a Java JDK\ninstalled and ready to use on path (ie `/usr/bin/java`)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -3915,13 +3951,13 @@ spec: description: "Use the incremental image build option, to reuse existing containers (default `true`)" type: "boolean" limitCPU: - description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" limitMemory: - description: "When using `pod` strategy, the maximum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the maximum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" mavenProfiles: - description: "A list of references pointing to configmaps/secrets that contains a maven profile. This configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit. The content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM. Syntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." + description: "A list of references pointing to configmaps/secrets that contains a maven profile.\nThis configmap/secret is a resource of the IntegrationKit created, therefore it needs to be present in the namespace where the operator is going to create the IntegrationKit.\nThe content of the maven profile is expected to be a text containing a valid maven profile starting with `` and ending with `` that will be integrated as an inline profile in the POM.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name, key optionally represents the resource key to be filtered (default key value = profile.xml)." items: type: "string" type: "array" @@ -3948,10 +3984,10 @@ spec: type: "string" type: "array" requestCPU: - description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of CPU required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" requestMemory: - description: "When using `pod` strategy, the minimum amount of memory required by the pod builder. Deprecated: use TasksRequestCPU instead with task name `builder`." + description: "When using `pod` strategy, the minimum amount of memory required by the pod builder.\nDeprecated: use TasksRequestCPU instead with task name `builder`." type: "string" strategy: description: "The strategy to use, either `pod` or `routine` (default `routine`)" @@ -3965,7 +4001,7 @@ spec: type: "string" type: "array" tasksFilter: - description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`. Mind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`) if you need to execute them. Useful only with `pod` strategy." + description: "A list of tasks sorted by the order of execution in a csv format, ie, `,,...`.\nMind that you must include also the operator tasks (`builder`, `quarkus-native`, `package`, `jib`, `s2i`)\nif you need to execute them. Useful only with `pod` strategy." type: "string" tasksLimitCPU: description: "A list of limit cpu configuration for the specific task with format `:`." @@ -3988,14 +4024,14 @@ spec: type: "string" type: "array" verbose: - description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod). Deprecated no longer in use" + description: "Enable verbose logging on build components that support it (e.g. Kaniko build pod).\nDeprecated no longer in use" type: "boolean" type: "object" camel: description: "The configuration of Camel trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4007,7 +4043,7 @@ spec: type: "string" type: "array" runtimeVersion: - description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform. You can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve to the best matching Catalog existing on the cluster." + description: "The camel-k-runtime version to use for the integration. It overrides the default version set in the Integration Platform.\nYou can use a fixed version (for example \"3.2.3\") or a semantic version (for example \"3.x\") which will try to resolve\nto the best matching Catalog existing on the cluster." type: "string" type: "object" container: @@ -4032,7 +4068,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4042,7 +4078,7 @@ spec: description: "Can be used to enable/disable exposure via kubernetes Service." type: "boolean" image: - description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which won't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead Integration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." + description: "The main container image to use for the Integration. When using this parameter the operator will create a synthetic IntegrationKit which\nwon't be able to execute traits requiring CamelCatalog. If the container image you're using is coming from an IntegrationKit, use instead\nIntegration `.spec.integrationKit` parameter. If you're moving the Integration across environments, you will also need to create an \"external\" IntegrationKit." type: "string" imagePullPolicy: description: "The pull policy: Always|Never|IfNotPresent" @@ -4096,41 +4132,41 @@ spec: description: "The configuration of Cron trait" properties: activeDeadlineSeconds: - description: "Specifies the duration in seconds, relative to the start time, that the job may be continuously active before it is considered to be failed. It defaults to 60s." + description: "Specifies the duration in seconds, relative to the start time, that the job\nmay be continuously active before it is considered to be failed.\nIt defaults to 60s." format: "int64" type: "integer" auto: - description: "Automatically deploy the integration as CronJob when all routes are either starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer). \n It's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`, while `35m` or `50s` cannot)." + description: "Automatically deploy the integration as CronJob when all routes are\neither starting from a periodic consumer (only `cron`, `timer` and `quartz` are supported) or a passive consumer (e.g. `direct` is a passive consumer).\n\n\nIt's required that all periodic consumers have the same period, and it can be expressed as cron schedule (e.g. `1m` can be expressed as `0/1 * * * *`,\nwhile `35m` or `50s` cannot)." type: "boolean" backoffLimit: - description: "Specifies the number of retries before marking the job failed. It defaults to 2." + description: "Specifies the number of retries before marking the job failed.\nIt defaults to 2." format: "int32" type: "integer" components: - description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes. A specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is activated (it's present in the `org.apache.camel.k:camel-k-cron` library). \n Supported components are currently: `cron`, `timer` and `quartz`." + description: "A comma separated list of the Camel components that need to be customized in order for them to work when the schedule is triggered externally by Kubernetes.\nA specific customizer is activated for each specified component. E.g. for the `timer` component, the `cron-timer` customizer is\nactivated (it's present in the `org.apache.camel.k:camel-k-cron` library).\n\n\nSupported components are currently: `cron`, `timer` and `quartz`." type: "string" concurrencyPolicy: - description: "Specifies how to treat concurrent executions of a Job. Valid values are: - \"Allow\": allows CronJobs to run concurrently; - \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet; - \"Replace\": cancels currently running job and replaces it with a new one" + description: "Specifies how to treat concurrent executions of a Job.\nValid values are:\n- \"Allow\": allows CronJobs to run concurrently;\n- \"Forbid\" (default): forbids concurrent runs, skipping next run if previous run hasn't finished yet;\n- \"Replace\": cancels currently running job and replaces it with a new one" enum: - "Allow" - "Forbid" - "Replace" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" fallback: - description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration as Kubernetes CronJob." + description: "Use the default Camel implementation of the `cron` endpoint (`quartz`) instead of trying to materialize the integration\nas Kubernetes CronJob." type: "boolean" schedule: - description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this mechanism to work correctly." + description: "The CronJob schedule for the whole integration. If multiple routes are declared, they must have the same schedule for this\nmechanism to work correctly." type: "string" startingDeadlineSeconds: - description: "Optional deadline in seconds for starting the job if it misses scheduled time for any reason. Missed jobs executions will be counted as failed ones." + description: "Optional deadline in seconds for starting the job if it misses scheduled\ntime for any reason. Missed jobs executions will be counted as failed ones." format: "int64" type: "integer" timeZone: @@ -4141,7 +4177,7 @@ spec: description: "The configuration of Dependencies trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4152,7 +4188,7 @@ spec: description: "The configuration of Deployer trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4166,34 +4202,34 @@ spec: - "knative-service" type: "string" useSSA: - description: "Use server-side apply to update the owned resources (default `true`). Note that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." + description: "Use server-side apply to update the owned resources (default `true`).\nNote that it automatically falls back to client-side patching, if SSA is not available, e.g., on old Kubernetes clusters." type: "boolean" type: "object" deployment: description: "The configuration of Deployment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Deprecated: no longer in use." type: "boolean" progressDeadlineSeconds: - description: "The maximum time in seconds for the deployment to make progress before it is considered to be failed. It defaults to `60s`." + description: "The maximum time in seconds for the deployment to make progress before it\nis considered to be failed. It defaults to `60s`." format: "int32" type: "integer" rollingUpdateMaxSurge: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to `25%`." + description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to `25%`." x-kubernetes-int-or-string: true rollingUpdateMaxUnavailable: anyOf: - type: "integer" - type: "string" - description: "The maximum number of pods that can be unavailable during the update. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). Absolute number is calculated from percentage by rounding down. This can not be 0 if MaxSurge is 0. Defaults to `25%`." + description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to `25%`." x-kubernetes-int-or-string: true strategy: description: "The deployment strategy to use to replace existing pods with new ones." @@ -4206,7 +4242,7 @@ spec: description: "The configuration of Environment trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true containerMeta: @@ -4219,7 +4255,7 @@ spec: description: "Propagates the `HTTP_PROXY`, `HTTPS_PROXY` and `NO_PROXY` environment variables (default `true`)" type: "boolean" vars: - description: "A list of environment variables to be added to the integration container. The syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`. These take precedence over the previously defined environment variables." + description: "A list of environment variables to be added to the integration container.\nThe syntax is KEY=VALUE, e.g., `MY_VAR=\"my value\"`.\nThese take precedence over the previously defined environment variables." items: type: "string" type: "array" @@ -4228,7 +4264,7 @@ spec: description: "The configuration of Error Handler trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4242,11 +4278,11 @@ spec: description: "The configuration of GC trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryCache: - description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`). Deprecated: to be removed from trait configuration." + description: "Discovery client cache to be used, either `disabled`, `disk` or `memory` (default `memory`).\nDeprecated: to be removed from trait configuration." enum: - "disabled" - "disk" @@ -4260,7 +4296,7 @@ spec: description: "The configuration of Health trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4360,13 +4396,13 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to the ingress. This can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller: See https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" + description: "The annotations added to the ingress.\nThis can be used to set controller specific annotations, e.g., when using the NGINX Ingress controller:\nSee https://github.com/kubernetes/ingress-nginx/blob/main/docs/user-guide/nginx-configuration/annotations.md" type: "object" auto: description: "To automatically add an ingress whenever the integration uses an HTTP endpoint consumer." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4379,7 +4415,7 @@ spec: description: "To configure the path exposed by the ingress (default `/`)." type: "string" pathType: - description: "To configure the path type exposed by the ingress. One of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." + description: "To configure the path type exposed by the ingress.\nOne of `Exact`, `Prefix`, `ImplementationSpecific` (default to `Prefix`)." enum: - "Exact" - "Prefix" @@ -4401,7 +4437,7 @@ spec: description: "Configures a (comma-separated) list of CIDR subnets that should not be intercepted by the Istio proxy (`10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` by default)." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4415,15 +4451,15 @@ spec: description: "The configuration of Jolokia trait" properties: CACert: - description: "The PEM encoded CA certification file path, used to verify client certificates, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." + description: "The PEM encoded CA certification file path, used to verify client certificates,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `/var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt` for OpenShift)." type: "string" clientPrincipal: - description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." + description: "The principal(s) which must be given in a client certificate to allow access to the Jolokia endpoint,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `clientPrincipal=cn=system:master-proxy`, `cn=hawtio-online.hawtio.svc` and `cn=fuse-console.fuse.svc` for OpenShift)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true discoveryEnabled: @@ -4433,13 +4469,13 @@ spec: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" extendedClientCheck: - description: "Mandate the client certificate contains a client flag in the extended key usage section, applicable when `protocol` is `https` and `use-ssl-client-authentication` is `true` (default `true` for OpenShift)." + description: "Mandate the client certificate contains a client flag in the extended key usage section,\napplicable when `protocol` is `https` and `use-ssl-client-authentication` is `true`\n(default `true` for OpenShift)." type: "boolean" host: - description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given, the servers binds to every network interface (default `\"*\"`)." + description: "The Host address to which the Jolokia agent should bind to. If `\"\\*\"` or `\"0.0.0.0\"` is given,\nthe servers binds to every network interface (default `\"*\"`)." type: "string" options: - description: "A list of additional Jolokia options as defined in https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" + description: "A list of additional Jolokia options as defined\nin https://jolokia.org/reference/html/agents.html#agent-jvm-config[JVM agent configuration options]" items: type: "string" type: "array" @@ -4466,7 +4502,7 @@ spec: description: "Additional JVM classpath (use `Linux` classpath separator)" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true debug: @@ -4490,7 +4526,7 @@ spec: type: "string" type: "array" printCommand: - description: "Prints the command used the start the JVM in the container logs (default `true`) Deprecated: no longer in use." + description: "Prints the command used the start the JVM in the container logs (default `true`)\nDeprecated: no longer in use." type: "boolean" type: "object" kamelets: @@ -4500,7 +4536,7 @@ spec: description: "Automatically inject all referenced Kamelets and their default configuration (enabled by default)" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4530,12 +4566,12 @@ spec: description: "Enable automatic discovery of all trait properties." type: "boolean" channelSinks: - description: "List of channels used as destination of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as destination of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" channelSources: - description: "List of channels used as source of integration routes. Can contain simple channel names or full Camel URIs." + description: "List of channels used as source of integration routes.\nCan contain simple channel names or full Camel URIs." items: type: "string" type: "array" @@ -4543,14 +4579,14 @@ spec: description: "Can be used to inject a Knative complete configuration in JSON format." type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" endpointSinks: - description: "List of endpoints used as destination of integration routes. Can contain simple endpoint names or full Camel URIs." + description: "List of endpoints used as destination of integration routes.\nCan contain simple endpoint names or full Camel URIs." items: type: "string" type: "array" @@ -4560,31 +4596,31 @@ spec: type: "string" type: "array" eventSinks: - description: "List of event types that the integration will produce. Can contain simple event types or full Camel URIs (to use a specific broker)." + description: "List of event types that the integration will produce.\nCan contain simple event types or full Camel URIs (to use a specific broker)." items: type: "string" type: "array" eventSources: - description: "List of event types that the integration will be subscribed to. Can contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." + description: "List of event types that the integration will be subscribed to.\nCan contain simple event types or full Camel URIs (to use a specific broker different from \"default\")." items: type: "string" type: "array" filterEventType: - description: "Enables the default filtering for the Knative trigger using the event type If this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" + description: "Enables the default filtering for the Knative trigger using the event type\nIf this is true, the created Knative trigger uses the event type as a filter on the event stream when no other filter criteria is given. (default: true)" type: "boolean" filterSourceChannels: - description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of Knative, filtering is disabled by default." + description: "Enables filtering on events based on the header \"ce-knativehistory\". Since this header has been removed in newer versions of\nKnative, filtering is disabled by default." type: "boolean" filters: - description: "Sets filter attributes on the event stream (such as event type, source, subject and so on). A list of key-value pairs that represent filter attributes and its values. The syntax is KEY=VALUE, e.g., `source=\"my.source\"`. Filter attributes get set on the Knative trigger that is being created as part of this integration." + description: "Sets filter attributes on the event stream (such as event type, source, subject and so on).\nA list of key-value pairs that represent filter attributes and its values.\nThe syntax is KEY=VALUE, e.g., `source=\"my.source\"`.\nFilter attributes get set on the Knative trigger that is being created as part of this integration." items: type: "string" type: "array" namespaceLabel: - description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace As Knative requires this label to perform injection of K_SINK URL into the service. If this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" + description: "Enables the camel-k-operator to set the \"bindings.knative.dev/include=true\" label to the namespace\nAs Knative requires this label to perform injection of K_SINK URL into the service.\nIf this is false, the integration pod may start and fail, read the SinkBinding Knative documentation. (default: true)" type: "boolean" sinkBinding: - description: "Allows binding the integration to a sink via a Knative SinkBinding resource. This can be used when the integration targets a single sink. It's enabled by default when the integration targets a single sink (except when the integration is owned by a Knative source)." + description: "Allows binding the integration to a sink via a Knative SinkBinding resource.\nThis can be used when the integration targets a single sink.\nIt's enabled by default when the integration targets a single sink\n(except when the integration is owned by a Knative source)." type: "boolean" type: "object" knative-service: @@ -4593,45 +4629,45 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set knative service specific annotations CLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set knative service specific annotations\nCLI usage example: -t \"knative-service.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" auto: - description: "Automatically deploy the integration as Knative service when all conditions hold: \n * Integration is using the Knative profile * All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" + description: "Automatically deploy the integration as Knative service when all conditions hold:\n\n\n* Integration is using the Knative profile\n* All routes are either starting from an HTTP based consumer or a passive consumer (e.g. `direct` is a passive consumer)" type: "boolean" autoscalingMetric: - description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling metric property (e.g. to set `concurrency` based or `cpu` based autoscaling).\n\n\nRefer to the Knative documentation for more information." type: "string" autoscalingTarget: - description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod. \n Refer to the Knative documentation for more information." + description: "Sets the allowed concurrency level or CPU percentage (depending on the autoscaling metric) for each Pod.\n\n\nRefer to the Knative documentation for more information." type: "integer" class: - description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling). \n Refer to the Knative documentation for more information." + description: "Configures the Knative autoscaling class property (e.g. to set `hpa.autoscaling.knative.dev` or `kpa.autoscaling.knative.dev` autoscaling).\n\n\nRefer to the Knative documentation for more information." enum: - "kpa.autoscaling.knative.dev" - "hpa.autoscaling.knative.dev" type: "string" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxScale: - description: "An upper bound for the number of Pods that can be running in parallel for the integration. Knative has its own cap value that depends on the installation. \n Refer to the Knative documentation for more information." + description: "An upper bound for the number of Pods that can be running in parallel for the integration.\nKnative has its own cap value that depends on the installation.\n\n\nRefer to the Knative documentation for more information." type: "integer" minScale: - description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that the integration is scaled down to zero when not used for a configured amount of time. \n Refer to the Knative documentation for more information." + description: "The minimum number of Pods that should be running at any time for the integration. It's **zero** by default, meaning that\nthe integration is scaled down to zero when not used for a configured amount of time.\n\n\nRefer to the Knative documentation for more information." type: "integer" rolloutDuration: - description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration. It's disabled by default and must be expressed as a Golang `time.Duration` string representation, rounded to a second precision." + description: "Enables to gradually shift traffic to the latest Revision and sets the rollout duration.\nIt's disabled by default and must be expressed as a Golang `time.Duration` string representation,\nrounded to a second precision." type: "string" timeoutSeconds: - description: "The maximum duration in seconds that the request instance is allowed to respond to a request. This field propagates to the integration pod's terminationGracePeriodSeconds \n Refer to the Knative documentation for more information." + description: "The maximum duration in seconds that the request instance is allowed to respond to a request.\nThis field propagates to the integration pod's terminationGracePeriodSeconds\n\n\nRefer to the Knative documentation for more information." format: "int64" type: "integer" visibility: - description: "Setting `cluster-local`, Knative service becomes a private service. Specifically, this option applies the `networking.knative.dev/visibility` label to Knative service. \n Refer to the Knative documentation for more information." + description: "Setting `cluster-local`, Knative service becomes a private service.\nSpecifically, this option applies the `networking.knative.dev/visibility` label to Knative service.\n\n\nRefer to the Knative documentation for more information." enum: - "cluster-local" type: "string" @@ -4643,7 +4679,7 @@ spec: description: "Colorize the log output" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4682,12 +4718,12 @@ spec: description: "The configuration of Mount trait" properties: configs: - description: "A list of configuration pointing to configmap/secret. The configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files. They are also made available on the classpath in order to ease their usage directly from the Route. Syntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" + description: "A list of configuration pointing to configmap/secret.\nThe configuration are expected to be UTF-8 resources as they are processed by runtime Camel Context and tried to be parsed as property files.\nThey are also made available on the classpath in order to ease their usage directly from the Route.\nSyntax: [configmap|secret]:name[/key], where name represents the resource name and key optionally represents the resource key to be filtered" items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true emptyDirs: @@ -4699,15 +4735,15 @@ spec: description: "Deprecated: no longer in use." type: "boolean" hotReload: - description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be marked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for changes in metadata." + description: "Enable \"hot reload\" when a secret/configmap mounted is edited (default `false`). The configmap/secret must be\nmarked with `camel.apache.org/integration` label to be taken in account. The resource will be watched for any kind change, also for\nchanges in metadata." type: "boolean" resources: - description: "A list of resources (text or binary content) pointing to configmap/secret. The resources are expected to be any resource type (text or binary content). The destination path can be either a default location or any path specified by the user. Syntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" + description: "A list of resources (text or binary content) pointing to configmap/secret.\nThe resources are expected to be any resource type (text or binary content).\nThe destination path can be either a default location or any path specified by the user.\nSyntax: [configmap|secret]:name[/key][@path], where name represents the resource name, key optionally represents the resource key to be filtered and path represents the destination path" items: type: "string" type: "array" scanKameletsImplicitLabelSecrets: - description: "Deprecated: include your properties in an explicit property file backed by a secret. Let the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`. These secrets are mounted to the application and treated as plain properties file with their key/value list (ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." + description: "Deprecated: include your properties in an explicit property file backed by a secret.\nLet the operator to scan for secret labeled with `camel.apache.org/kamelet` and `camel.apache.org/kamelet.configuration`.\nThese secrets are mounted to the application and treated as plain properties file with their key/value list\n(ie .spec.data[\"camel.my-property\"] = my-value) (default `true`)." type: "boolean" volumes: description: "A list of Persistent Volume Claims to be mounted. Syntax: [pvcname:/container/path]" @@ -4719,12 +4755,12 @@ spec: description: "The configuration of OpenAPI trait" properties: configmaps: - description: "The configmaps holding the spec of the OpenAPI" + description: "The configmaps holding the spec of the OpenAPI (compatible with > 3.0 spec only)." items: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4735,7 +4771,7 @@ spec: description: "The configuration of Owner trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4756,44 +4792,44 @@ spec: description: "The configuration of PDB trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" maxUnavailable: - description: "The number of pods for the Integration that can be unavailable after an eviction. It can be either an absolute number or a percentage (default `1` if `min-available` is also not set). Only one of `max-unavailable` and `min-available` can be specified." + description: "The number of pods for the Integration that can be unavailable after an eviction.\nIt can be either an absolute number or a percentage (default `1` if `min-available` is also not set).\nOnly one of `max-unavailable` and `min-available` can be specified." type: "string" minAvailable: - description: "The number of pods for the Integration that must still be available after an eviction. It can be either an absolute number or a percentage. Only one of `min-available` and `max-unavailable` can be specified." + description: "The number of pods for the Integration that must still be available after an eviction.\nIt can be either an absolute number or a percentage.\nOnly one of `min-available` and `max-unavailable` can be specified." type: "string" type: "object" platform: description: "The configuration of Platform trait" properties: auto: - description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To automatically detect from the environment if a default platform can be created (it will be created on OpenShift or when a registry address is set).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true createDefault: - description: "To create a default (empty) platform when the platform is missing. Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "To create a default (empty) platform when the platform is missing.\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" enabled: description: "Deprecated: no longer in use." type: "boolean" global: - description: "Indicates if the platform should be created globally in the case of global operator (default true). Deprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" + description: "Indicates if the platform should be created globally in the case of global operator (default true).\nDeprecated: Platform is auto generated by the operator install procedure - maintained for backward compatibility" type: "boolean" type: "object" pod: description: "The configuration of Pod trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4804,7 +4840,7 @@ spec: description: "The configuration of Prometheus trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4826,7 +4862,7 @@ spec: description: "Automatically configures the platform registry secret on the pod if it is of type `kubernetes.io/dockerconfigjson`." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4843,7 +4879,7 @@ spec: description: "The configuration of Quarkus trait" properties: buildMode: - description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`). In case both `jvm` and `native` are specified, two `IntegrationKit` resources are created, with the `native` kit having precedence over the `jvm` one once ready." + description: "The Quarkus mode to run: either `jvm` or `native` (default `jvm`).\nIn case both `jvm` and `native` are specified, two `IntegrationKit` resources are created,\nwith the `native` kit having precedence over the `jvm` one once ready." items: description: "QuarkusMode is the type of Quarkus build packaging." enum: @@ -4852,7 +4888,7 @@ spec: type: "string" type: "array" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4865,9 +4901,9 @@ spec: description: "The image containing the tooling required for a native build (by default it will use the one provided in the runtime catalog)" type: "string" packageTypes: - description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`). In case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created, with the native kit having precedence over the `fast-jar` one once ready. The order influences the resolution of the current kit for the integration. The kit corresponding to the first package type will be assigned to the integration in case no existing kit that matches the integration exists. Deprecated: use `build-mode` instead." + description: "The Quarkus package types, `fast-jar` or `native` (default `fast-jar`).\nIn case both `fast-jar` and `native` are specified, two `IntegrationKit` resources are created,\nwith the native kit having precedence over the `fast-jar` one once ready.\nThe order influences the resolution of the current kit for the integration.\nThe kit corresponding to the first package type will be assigned to the\nintegration in case no existing kit that matches the integration exists.\nDeprecated: use `build-mode` instead." items: - description: "QuarkusPackageType is the type of Quarkus build packaging. Deprecated: use `QuarkusMode` instead." + description: "QuarkusPackageType is the type of Quarkus build packaging.\nDeprecated: use `QuarkusMode` instead." enum: - "fast-jar" - "native" @@ -4875,10 +4911,10 @@ spec: type: "array" type: "object" registry: - description: "The configuration of Registry trait Deprecated: use jvm trait or read documentation." + description: "The configuration of Registry trait (support removed since version 2.5.0).\nDeprecated: use jvm trait or read documentation." properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4891,10 +4927,10 @@ spec: annotations: additionalProperties: type: "string" - description: "The annotations added to route. This can be used to set route specific annotations For annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations CLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" + description: "The annotations added to route.\nThis can be used to set route specific annotations\nFor annotations options see https://docs.openshift.com/container-platform/3.11/architecture/networking/routes.html#route-specific-annotations\nCLI usage example: -t \"route.annotations.'haproxy.router.openshift.io/balance'=true\"" type: "object" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4904,38 +4940,38 @@ spec: description: "To configure the host exposed by the route." type: "string" tlsCACertificate: - description: "The TLS CA certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS CA certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCACertificateSecret: - description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificate: - description: "The TLS certificate contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsCertificateSecret: - description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificate: - description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify. \n Refer to the OpenShift route documentation for additional information." + description: "The destination CA certificate provides the contents of the ca certificate of the final destination. When using reencrypt\ntermination this file should be provided in order to have routers use it for health checks on the secure connection.\nIf this field is not specified, the router may provide its own destination CA and perform hostname validation using\nthe short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically\nverify.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsDestinationCACertificateSecret: - description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the destination CA certificate. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsInsecureEdgeTerminationPolicy: - description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic. \n Refer to the OpenShift route documentation for additional information." + description: "To configure how to deal with insecure traffic, e.g. `Allow`, `Disable` or `Redirect` traffic.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "None" - "Allow" - "Redirect" type: "string" tlsKey: - description: "The TLS certificate key contents. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS certificate key contents.\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsKeySecret: - description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\". \n Refer to the OpenShift route documentation for additional information." + description: "The secret name and key reference to the TLS certificate key. The format is \"secret-name[/key-name]\", the value represents the secret name, if there is only one key in the secret it will be read, otherwise you can set a key name separated with a \"/\".\n\n\nRefer to the OpenShift route documentation for additional information." type: "string" tlsTermination: - description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`. \n Refer to the OpenShift route documentation for additional information." + description: "The TLS termination type, like `edge`, `passthrough` or `reencrypt`.\n\n\nRefer to the OpenShift route documentation for additional information." enum: - "edge" - "reencrypt" @@ -4946,7 +4982,7 @@ spec: description: "The configuration of Security Context trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -4973,14 +5009,14 @@ spec: description: "To automatically detect from the code if a Service needs to be created." type: "boolean" configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: description: "Can be used to enable or disable a trait. All traits share this common property." type: "boolean" nodePort: - description: "Enable Service to be exposed as NodePort (default `false`). Deprecated: Use service type instead." + description: "Enable Service to be exposed as NodePort (default `false`).\nDeprecated: Use service type instead." type: "boolean" type: description: "The type of service to be used, either 'ClusterIP', 'NodePort' or 'LoadBalancer'." @@ -4994,7 +5030,7 @@ spec: description: "The configuration of Service Binding trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -5020,7 +5056,7 @@ spec: description: "The configuration of Toleration trait" properties: configuration: - description: "Legacy trait configuration parameters. Deprecated: for backward compatibility." + description: "Legacy trait configuration parameters.\nDeprecated: for backward compatibility." type: "object" x-kubernetes-preserve-unknown-fields: true enabled: @@ -5078,27 +5114,28 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" types: additionalProperties: - description: "EventTypeSpec represents a specification for an event type. Deprecated: In favor of using DataTypeSpec." + description: "EventTypeSpec represents a specification for an event type.\nDeprecated: In favor of using DataTypeSpec." properties: mediaType: description: "media type as expected for HTTP media types (ie, application/json)" @@ -5112,7 +5149,7 @@ spec: description: type: "string" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true externalDocs: description: "ExternalDocumentation allows referencing an external resource for extended documentation." @@ -5136,18 +5173,18 @@ spec: type: "string" enum: items: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true type: "array" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true exclusiveMaximum: type: "boolean" exclusiveMinimum: type: "boolean" format: - description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." + description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." type: "string" id: type: "string" @@ -5205,7 +5242,7 @@ spec: type: "string" type: "object" type: "object" - description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification. Deprecated: In favor of using DataTypes" + description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification.\nDeprecated: In favor of using DataTypes" type: "object" uri: description: "URI can be used to specify the (Camel) endpoint explicitly" @@ -5238,27 +5275,28 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" types: additionalProperties: - description: "EventTypeSpec represents a specification for an event type. Deprecated: In favor of using DataTypeSpec." + description: "EventTypeSpec represents a specification for an event type.\nDeprecated: In favor of using DataTypeSpec." properties: mediaType: description: "media type as expected for HTTP media types (ie, application/json)" @@ -5272,7 +5310,7 @@ spec: description: type: "string" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true externalDocs: description: "ExternalDocumentation allows referencing an external resource for extended documentation." @@ -5296,18 +5334,18 @@ spec: type: "string" enum: items: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true type: "array" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true exclusiveMaximum: type: "boolean" exclusiveMinimum: type: "boolean" format: - description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." + description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." type: "string" id: type: "string" @@ -5365,7 +5403,7 @@ spec: type: "string" type: "object" type: "object" - description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification. Deprecated: In favor of using DataTypes" + description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification.\nDeprecated: In favor of using DataTypes" type: "object" uri: description: "URI can be used to specify the (Camel) endpoint explicitly" @@ -5400,27 +5438,28 @@ spec: description: "API version of the referent." type: "string" fieldPath: - description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: \"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered the event) or if no container name is specified \"spec.containers[2]\" (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future." + description: "If referring to a piece of an object instead of an entire object, this string\nshould contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2].\nFor example, if the object reference is to a container within a pod, this would take on a value like:\n\"spec.containers{name}\" (where \"name\" refers to the name of the container that triggered\nthe event) or if no container name is specified \"spec.containers[2]\" (container with\nindex 2 in this pod). This syntax is chosen only to have some well-defined way of\nreferencing a part of an object.\nTODO: this design is not final and this field is subject to change in the future." type: "string" kind: - description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind of the referent.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" type: "string" namespace: - description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" + description: "Namespace of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/" type: "string" resourceVersion: - description: "Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" + description: "Specific resourceVersion to which this reference is made, if any.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency" type: "string" uid: - description: "UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" + description: "UID of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids" type: "string" type: "object" + x-kubernetes-map-type: "atomic" types: additionalProperties: - description: "EventTypeSpec represents a specification for an event type. Deprecated: In favor of using DataTypeSpec." + description: "EventTypeSpec represents a specification for an event type.\nDeprecated: In favor of using DataTypeSpec." properties: mediaType: description: "media type as expected for HTTP media types (ie, application/json)" @@ -5434,7 +5473,7 @@ spec: description: type: "string" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true externalDocs: description: "ExternalDocumentation allows referencing an external resource for extended documentation." @@ -5458,18 +5497,18 @@ spec: type: "string" enum: items: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true type: "array" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true exclusiveMaximum: type: "boolean" exclusiveMinimum: type: "boolean" format: - description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." + description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." type: "string" id: type: "string" @@ -5527,7 +5566,7 @@ spec: type: "string" type: "object" type: "object" - description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification. Deprecated: In favor of using DataTypes" + description: "Types defines the data type of the data produced/consumed by the endpoint and references a given data type specification.\nDeprecated: In favor of using DataTypes" type: "object" uri: description: "URI can be used to specify the (Camel) endpoint explicitly" @@ -5576,10 +5615,10 @@ spec: description: "Unique, one-word, CamelCase reason for the condition's last transition." type: "string" status: - description: "Status is the status of the condition. Can be True, False, Unknown. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" + description: "Status is the status of the condition.\nCan be True, False, Unknown.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" type: "string" type: - description: "Type is the type of the condition. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" + description: "Type is the type of the condition.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#pod-conditions" type: "string" required: - "status" @@ -5589,7 +5628,7 @@ spec: items: properties: data: - description: "RawMessage is a raw encoded JSON value. It implements Marshaler and Unmarshaler and can be used to delay JSON decoding or precompute a JSON encoding." + description: "RawMessage is a raw encoded JSON value.\nIt implements Marshaler and Unmarshaler and can\nbe used to delay JSON decoding or precompute a JSON encoding." x-kubernetes-preserve-unknown-fields: true name: type: "string" diff --git a/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kamelets.yaml b/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kamelets.yaml index 210e9e74b..5a7cb2194 100644 --- a/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kamelets.yaml +++ b/crd-catalog/apache/camel-k/camel.apache.org/v1alpha1/kamelets.yaml @@ -2,9 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.6.1" - labels: - app: "camel-k" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "kamelets.camel.apache.org" spec: group: "camel.apache.org" @@ -33,10 +31,10 @@ spec: description: "Kamelet is the Schema for the kamelets API." properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -111,7 +109,7 @@ spec: description: type: "string" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true externalDocs: description: "ExternalDocumentation allows referencing an external resource for extended documentation." @@ -135,18 +133,18 @@ spec: type: "string" enum: items: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true type: "array" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true exclusiveMaximum: type: "boolean" exclusiveMinimum: type: "boolean" format: - description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." + description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." type: "string" id: type: "string" @@ -221,7 +219,7 @@ spec: description: type: "string" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true externalDocs: description: "ExternalDocumentation allows referencing an external resource for extended documentation." @@ -245,18 +243,18 @@ spec: type: "string" enum: items: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true type: "array" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true exclusiveMaximum: type: "boolean" exclusiveMinimum: type: "boolean" format: - description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." + description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." type: "string" id: type: "string" @@ -342,7 +340,7 @@ spec: description: "True if the spec is generated from a Kamelet" type: "boolean" interceptors: - description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources" + description: "Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader\nuses to pre/post process sources" items: type: "string" type: "array" @@ -350,7 +348,7 @@ spec: description: "specify which is the language (Camel DSL) used to interpret this source code" type: "string" loader: - description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime" + description: "Loader is an optional id of the org.apache.camel.k.RoutesLoader that will\ninterpret this source at runtime" type: "string" name: description: "the name of the specification" @@ -378,7 +376,7 @@ spec: x-kubernetes-preserve-unknown-fields: true types: additionalProperties: - description: "EventTypeSpec represents a specification for an event type. Deprecated: In favor of using DataTypeSpec." + description: "EventTypeSpec represents a specification for an event type.\nDeprecated: In favor of using DataTypeSpec." properties: mediaType: description: "media type as expected for HTTP media types (ie, application/json)" @@ -392,7 +390,7 @@ spec: description: type: "string" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true externalDocs: description: "ExternalDocumentation allows referencing an external resource for extended documentation." @@ -416,18 +414,18 @@ spec: type: "string" enum: items: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true type: "array" example: - description: "JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." + description: "JSON represents any valid JSON value.\nThese types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil." x-kubernetes-preserve-unknown-fields: true exclusiveMaximum: type: "boolean" exclusiveMinimum: type: "boolean" format: - description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: \n - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\" - isbn10: an ISBN10 number string like \"0321751043\" - isbn13: an ISBN13 number string like \"978-0321751041\" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$ - hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\" - byte: base64 encoded binary data - password: any kind of string - date: a date string like \"2006-01-02\" as defined by full-date in RFC3339 - duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." + description: "format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated:\n\n\n- bsonobjectid: a bson object ID, i.e. a 24 characters hex string\n- uri: an URI as parsed by Golang net/url.ParseRequestURI\n- email: an email address as parsed by Golang net/mail.ParseAddress\n- hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034].\n- ipv4: an IPv4 IP as parsed by Golang net.ParseIP\n- ipv6: an IPv6 IP as parsed by Golang net.ParseIP\n- cidr: a CIDR as parsed by Golang net.ParseCIDR\n- mac: a MAC address as parsed by Golang net.ParseMAC\n- uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$\n- uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$\n- isbn: an ISBN10 or ISBN13 number string like \"0321751043\" or \"978-0321751041\"\n- isbn10: an ISBN10 number string like \"0321751043\"\n- isbn13: an ISBN13 number string like \"978-0321751041\"\n- creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\\\d{3})\\\\d{11})$ with any non digit characters mixed in\n- ssn: a U.S. social security number following the regex ^\\\\d{3}[- ]?\\\\d{2}[- ]?\\\\d{4}$\n- hexcolor: an hexadecimal color code like \"#FFFFFF\" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$\n- rgbcolor: an RGB color code like rgb like \"rgb(255,255,255)\"\n- byte: base64 encoded binary data\n- password: any kind of string\n- date: a date string like \"2006-01-02\" as defined by full-date in RFC3339\n- duration: a duration string like \"22 ns\" as parsed by Golang time.ParseDuration or compatible with Scala duration format\n- datetime: a date time string like \"2014-12-15T19:30:20.000Z\" as defined by date-time in RFC3339." type: "string" id: type: "string" @@ -485,7 +483,7 @@ spec: type: "string" type: "object" type: "object" - description: "data specification types for the events consumed/produced by the Kamelet Deprecated: In favor of using DataTypes" + description: "data specification types for the events consumed/produced by the Kamelet\nDeprecated: In favor of using DataTypes" type: "object" type: "object" status: diff --git a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml index 83cd0aa48..2abe57836 100644 --- a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml +++ b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinkdeployments.yaml @@ -85,6 +85,15 @@ spec: type: "integer" entryClass: type: "string" + flinkStateSnapshotReference: + properties: + name: + type: "string" + namespace: + type: "string" + path: + type: "string" + type: "object" initialSavepointPath: type: "string" jarURI: @@ -10136,6 +10145,15 @@ spec: type: "string" updateTime: type: "string" + upgradeSnapshotReference: + properties: + name: + type: "string" + namespace: + type: "string" + path: + type: "string" + type: "object" type: "object" lifecycleState: enum: diff --git a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml index b1e2dc0ab..7b9a1e660 100644 --- a/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml +++ b/crd-catalog/apache/flink-kubernetes-operator/flink.apache.org/v1beta1/flinksessionjobs.yaml @@ -47,6 +47,15 @@ spec: type: "integer" entryClass: type: "string" + flinkStateSnapshotReference: + properties: + name: + type: "string" + namespace: + type: "string" + path: + type: "string" + type: "object" initialSavepointPath: type: "string" jarURI: @@ -198,6 +207,15 @@ spec: type: "string" updateTime: type: "string" + upgradeSnapshotReference: + properties: + name: + type: "string" + namespace: + type: "string" + path: + type: "string" + type: "object" type: "object" lifecycleState: enum: diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/backuppolicytemplates.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/backuppolicytemplates.yaml index 8c90bc8f5..a199619a1 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/backuppolicytemplates.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/backuppolicytemplates.yaml @@ -249,7 +249,7 @@ spec: description: "Specifies the target information to back up, it will override the target in backup policy." properties: account: - description: "If `backupPolicy.componentDefs` is set, this field is required to specify the system account name.\nThis account must match one listed in `componentDefinition.spec.systemAccounts[*].name`.\nThe corresponding secret created by this account is used to connect to the database.\n\n\nIf `backupPolicy.componentDefRef` (a legacy and deprecated API) is set, the secret defined in\n`clusterDefinition.spec.ConnectionCredential` is used instead." + description: "If `backupPolicy.componentDefs` is set, this field is required to specify the system account name.\nThis account must match one listed in `componentDefinition.spec.systemAccounts[*].name`.\nThe corresponding secret created by this account is used to connect to the database." type: "string" connectionCredential: description: "Specifies the connection credential to connect to the target database cluster." @@ -275,28 +275,46 @@ spec: required: - "secretName" type: "object" - connectionCredentialKey: - description: "Specifies the keys of the connection credential secret defined in `clusterDefinition.spec.ConnectionCredential`.\nIt will be ignored when the `account` is set." - properties: - hostKey: - description: "Defines the key of the host in the connection credential secret." - type: "string" - passwordKey: - description: "Represents the key of the password in the connection credential secret.\nIf not specified, the default key \"password\" is used." - type: "string" - portKey: - description: "Indicates map key of the port in the connection credential secret." - type: "string" - usernameKey: - description: "Represents the key of the username in the connection credential secret.\nIf not specified, the default key \"username\" is used." - type: "string" - type: "object" + fallbackRole: + description: "Specifies the fallback role to select one replica for backup, this only takes effect when the\n`strategy` field below is set to `Any`." + type: "string" name: description: "Specifies a mandatory and unique identifier for each target when using the \"targets\" field.\nThe backup data for the current target is stored in a uniquely named subdirectory." type: "string" podSelector: description: "Used to find the target pod. The volumes of the target pod will be backed up." properties: + fallbackLabelSelector: + description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: @@ -463,6 +481,37 @@ spec: podSelector: description: "Used to find the target pod. The volumes of the target pod will be backed up." properties: + fallbackLabelSelector: + description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: @@ -552,11 +601,6 @@ spec: - "name" type: "object" type: "array" - componentDefRef: - description: "Specifies the name of ClusterComponentDefinition defined in the ClusterDefinition.\nMust comply with the IANA Service Naming rule.\n\n\nDeprecated since v0.9, should use `componentDefs` instead.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." - maxLength: 22 - pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$" - type: "string" componentDefs: description: "Specifies a list of names of ComponentDefinitions that the specified ClusterDefinition references.\nThey should be different versions of definitions of the same component,\nthus allowing them to share a single BackupPolicy.\nEach name must adhere to the IANA Service Naming rule." items: @@ -588,24 +632,11 @@ spec: description: "Defines the selection criteria of instance to be backed up, and the connection credential to be used\nduring the backup process." properties: account: - description: "If `backupPolicy.componentDefs` is set, this field is required to specify the system account name.\nThis account must match one listed in `componentDefinition.spec.systemAccounts[*].name`.\nThe corresponding secret created by this account is used to connect to the database.\n\n\nIf `backupPolicy.componentDefRef` (a legacy and deprecated API) is set, the secret defined in\n`clusterDefinition.spec.ConnectionCredential` is used instead." + description: "If `backupPolicy.componentDefs` is set, this field is required to specify the system account name.\nThis account must match one listed in `componentDefinition.spec.systemAccounts[*].name`.\nThe corresponding secret created by this account is used to connect to the database." + type: "string" + fallbackRole: + description: "Specifies the fallback role to select one replica for backup, this only takes effect when the\n`strategy` field below is set to `Any`." type: "string" - connectionCredentialKey: - description: "Specifies the keys of the connection credential secret defined in `clusterDefinition.spec.ConnectionCredential`.\nIt will be ignored when the `account` is set." - properties: - hostKey: - description: "Defines the key of the host in the connection credential secret." - type: "string" - passwordKey: - description: "Represents the key of the password in the connection credential secret.\nIf not specified, the default key \"password\" is used." - type: "string" - portKey: - description: "Indicates map key of the port in the connection credential secret." - type: "string" - usernameKey: - description: "Represents the key of the username in the connection credential secret.\nIf not specified, the default key \"username\" is used." - type: "string" - type: "object" role: description: "Specifies the role to select one or more replicas for backup.\n\n\n- If no replica with the specified role exists, the backup task will fail.\n Special case: If there is only one replica in the cluster, it will be used for backup,\n even if its role differs from the specified one.\n For example, if you specify backing up on a secondary replica, but the cluster is single-node\n with only one primary replica, the primary will be used for backup.\n Future versions will address this special case using role priorities.\n- If multiple replicas satisfy the specified role, the choice (`Any` or `All`) will be made according to\n the `strategy` field below." type: "string" @@ -623,13 +654,6 @@ spec: type: "object" minItems: 1 type: "array" - clusterDefinitionRef: - description: "Specifies the name of a ClusterDefinition.\nThis is an immutable attribute that cannot be changed after creation.\nAnd this field is deprecated since v0.9, consider using the ComponentDef instead." - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - x-kubernetes-validations: - - message: "clusterDefinitionRef is immutable" - rule: "self == oldSelf" identifier: description: "Specifies a unique identifier for the BackupPolicyTemplate.\n\n\nThis identifier will be used as the suffix of the name of automatically generated BackupPolicy.\nThis prevents unintended overwriting of BackupPolicies due to name conflicts when multiple BackupPolicyTemplates\nare present.\nFor instance, using \"backup-policy\" for regular backups and \"backup-policy-hscale\" for horizontal-scale ops\ncan differentiate the policies." maxLength: 20 diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml index 01dcd467e..b418616f9 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusterdefinitions.yaml @@ -51,5830 +51,6 @@ spec: spec: description: "ClusterDefinitionSpec defines the desired state of ClusterDefinition." properties: - componentDefs: - description: "Provides the definitions for the cluster components.\n\n\nDeprecated since v0.9.\nComponents should now be individually defined using ComponentDefinition and\ncollectively referenced via `topology.components`.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." - items: - description: "ClusterComponentDefinition defines a Component within a ClusterDefinition but is deprecated and\nhas been replaced by ComponentDefinition.\n\n\nDeprecated: Use ComponentDefinition instead. This type is deprecated as of version 0.8." - properties: - characterType: - description: "Defines well-known database component name, such as mongos(mongodb), proxy(redis), mariadb(mysql)." - type: "string" - componentDefRef: - description: "Used to inject values from other components into the current component. Values will be saved and updated in a\nconfigmap and mounted to the current component." - items: - description: "ComponentDefRef is used to select the component and its fields to be referenced.\n\n\nDeprecated since v0.8." - properties: - componentDefName: - description: "The name of the componentDef to be selected." - type: "string" - componentRefEnv: - description: "The values that are to be injected as environment variables into each component." - items: - description: "ComponentRefEnv specifies name and value of an env.\n\n\nDeprecated since v0.8." - properties: - name: - description: "The name of the env, it must be a C identifier." - pattern: "^[A-Za-z_][A-Za-z0-9_]*$" - type: "string" - value: - description: "The value of the env." - type: "string" - valueFrom: - description: "The source from which the value of the env." - properties: - fieldPath: - description: "The jsonpath of the source to select when the Type is `FieldRef`.\nTwo objects are registered in the jsonpath: `componentDef` and `components`:\n\n\n- `componentDef` is the component definition object specified in `componentRef.componentDefName`.\n- `components` are the component list objects referring to the component definition object." - type: "string" - format: - default: "=\"$POD_FQDN\"" - description: "Defines the format of each headless service address.\nThree builtin variables can be used as placeholders: `$POD_ORDINAL`, `$POD_FQDN`, `$POD_NAME`\n\n\n- `$POD_ORDINAL` represents the ordinal of the pod.\n- `$POD_FQDN` represents the fully qualified domain name of the pod.\n- `$POD_NAME` represents the name of the pod." - type: "string" - joinWith: - default: "," - description: "The string used to join the values of headless service addresses." - type: "string" - type: - allOf: - - enum: - - "FieldRef" - - "ServiceRef" - - "HeadlessServiceRef" - - enum: - - "FieldRef" - - "ServiceRef" - - "HeadlessServiceRef" - description: "Specifies the source to select. It can be one of three types: `FieldRef`, `ServiceRef`, `HeadlessServiceRef`." - type: "string" - required: - - "type" - type: "object" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - failurePolicy: - allOf: - - enum: - - "Ignore" - - "Fail" - - enum: - - "Ignore" - - "Fail" - description: "Defines the policy to be followed in case of a failure in finding the component." - type: "string" - required: - - "componentDefName" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "componentDefName" - x-kubernetes-list-type: "map" - configSpecs: - description: "Defines the template of configurations." - items: - properties: - asEnvFrom: - description: "Specifies the containers to inject the ConfigMap parameters as environment variables.\n\n\nThis is useful when application images accept parameters through environment variables and\ngenerate the final configuration file in the startup script based on these variables.\n\n\nThis field allows users to specify a list of container names, and KubeBlocks will inject the environment\nvariables converted from the ConfigMap into these designated containers. This provides a flexible way to\npass the configuration items from the ConfigMap to the container without modifying the image.\n\n\nDeprecated: `asEnvFrom` has been deprecated since 0.9.0 and will be removed in 0.10.0.\nUse `injectEnvTo` instead." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "set" - constraintRef: - description: "Specifies the name of the referenced configuration constraints object." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - defaultMode: - description: "The operator attempts to set default file permissions for scripts (0555) and configurations (0444).\nHowever, certain database engines may require different file permissions.\nYou can specify the desired file permissions here.\n\n\nMust be specified as an octal value between 0000 and 0777 (inclusive),\nor as a decimal value between 0 and 511 (inclusive).\nYAML supports both octal and decimal values for file permissions.\n\n\nPlease note that this setting only affects the permissions of the files themselves.\nDirectories within the specified path are not impacted by this setting.\nIt's important to be aware that this setting might conflict with other options\nthat influence the file mode, such as fsGroup.\nIn such cases, the resulting file mode may have additional bits set.\nRefers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information." - format: "int32" - type: "integer" - injectEnvTo: - description: "Specifies the containers to inject the ConfigMap parameters as environment variables.\n\n\nThis is useful when application images accept parameters through environment variables and\ngenerate the final configuration file in the startup script based on these variables.\n\n\nThis field allows users to specify a list of container names, and KubeBlocks will inject the environment\nvariables converted from the ConfigMap into these designated containers. This provides a flexible way to\npass the configuration items from the ConfigMap to the container without modifying the image." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "set" - keys: - description: "Specifies the configuration files within the ConfigMap that support dynamic updates.\n\n\nA configuration template (provided in the form of a ConfigMap) may contain templates for multiple\nconfiguration files.\nEach configuration file corresponds to a key in the ConfigMap.\nSome of these configuration files may support dynamic modification and reloading without requiring\na pod restart.\n\n\nIf empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates,\nand ConfigConstraint applies to all keys." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "set" - legacyRenderedConfigSpec: - description: "Specifies the secondary rendered config spec for pod-specific customization.\n\n\nThe template is rendered inside the pod (by the \"config-manager\" sidecar container) and merged with the main\ntemplate's render result to generate the final configuration file.\n\n\nThis field is intended to handle scenarios where different pods within the same Component have\nvarying configurations. It allows for pod-specific customization of the configuration.\n\n\nNote: This field will be deprecated in future versions, and the functionality will be moved to\n`cluster.spec.componentSpecs[*].instances[*]`." - properties: - namespace: - default: "default" - description: "Specifies the namespace of the referenced configuration template ConfigMap object.\nAn empty namespace is equivalent to the \"default\" namespace." - pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$" - type: "string" - policy: - default: "none" - description: "Defines the strategy for merging externally imported templates into component templates." - enum: - - "patch" - - "replace" - - "none" - type: "string" - templateRef: - description: "Specifies the name of the referenced configuration template ConfigMap object." - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - required: - - "templateRef" - type: "object" - name: - description: "Specifies the name of the configuration template." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - namespace: - default: "default" - description: "Specifies the namespace of the referenced configuration template ConfigMap object.\nAn empty namespace is equivalent to the \"default\" namespace." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$" - type: "string" - reRenderResourceTypes: - description: "Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes.\n\n\nIn some scenarios, the configuration may need to be updated to reflect the changes in resource allocation\nor cluster topology. Examples:\n\n\n- Redis: adjust maxmemory after v-scale operation.\n- MySQL: increase max connections after v-scale operation.\n- Zookeeper: update zoo.cfg with new node addresses after h-scale operation." - items: - description: "RerenderResourceType defines the resource requirements for a component." - enum: - - "vscale" - - "hscale" - - "tls" - type: "string" - type: "array" - x-kubernetes-list-type: "set" - templateRef: - description: "Specifies the name of the referenced configuration template ConfigMap object." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - volumeName: - description: "Refers to the volume name of PodTemplate. The configuration file produced through the configuration\ntemplate will be mounted to the corresponding volume. Must be a DNS_LABEL name.\nThe volume name must be defined in podSpec.containers[*].volumeMounts." - maxLength: 63 - pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$" - type: "string" - required: - - "name" - - "volumeName" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - consensusSpec: - description: "Defines spec for `Consensus` workloads. It's required if the workload type is `Consensus`." - properties: - followers: - description: "Members of the consensus set that have voting rights but are not the leader." - items: - description: "ConsensusMember is deprecated since v0.7." - properties: - accessMode: - default: "ReadWrite" - description: "Specifies the services that this member is capable of providing." - enum: - - "None" - - "Readonly" - - "ReadWrite" - type: "string" - name: - default: "leader" - description: "Specifies the name of the consensus member." - type: "string" - replicas: - default: 0 - description: "Indicates the number of Pods that perform this role.\nThe default is 1 for `Leader`, 0 for `Learner`, others for `Followers`." - format: "int32" - minimum: 0.0 - type: "integer" - required: - - "accessMode" - - "name" - type: "object" - type: "array" - leader: - description: "Represents a single leader in the consensus set." - properties: - accessMode: - default: "ReadWrite" - description: "Specifies the services that this member is capable of providing." - enum: - - "None" - - "Readonly" - - "ReadWrite" - type: "string" - name: - default: "leader" - description: "Specifies the name of the consensus member." - type: "string" - replicas: - default: 0 - description: "Indicates the number of Pods that perform this role.\nThe default is 1 for `Leader`, 0 for `Learner`, others for `Followers`." - format: "int32" - minimum: 0.0 - type: "integer" - required: - - "accessMode" - - "name" - type: "object" - learner: - description: "Represents a member of the consensus set that does not have voting rights." - properties: - accessMode: - default: "ReadWrite" - description: "Specifies the services that this member is capable of providing." - enum: - - "None" - - "Readonly" - - "ReadWrite" - type: "string" - name: - default: "leader" - description: "Specifies the name of the consensus member." - type: "string" - replicas: - default: 0 - description: "Indicates the number of Pods that perform this role.\nThe default is 1 for `Leader`, 0 for `Learner`, others for `Followers`." - format: "int32" - minimum: 0.0 - type: "integer" - required: - - "accessMode" - - "name" - type: "object" - llPodManagementPolicy: - description: "Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down.\n\n\n- `OrderedReady`: Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod\nis ready before continuing. Pods are removed in reverse order when scaling down.\n- `Parallel`: Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once\nwhen scaling down." - type: "string" - llUpdateStrategy: - description: "Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a\nrevision to the Template.\n`UpdateStrategy` will be ignored if this is provided." - properties: - rollingUpdate: - description: "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType." - properties: - maxUnavailable: - anyOf: - - type: "integer" - - type: "string" - description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable." - x-kubernetes-int-or-string: true - partition: - description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0." - format: "int32" - type: "integer" - type: "object" - type: - description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate." - type: "string" - type: "object" - updateStrategy: - default: "Serial" - description: "Specifies the strategy for updating Pods.\nFor workloadType=`Consensus`, the update strategy can be one of the following:\n\n\n- `Serial`: Updates Members sequentially to minimize component downtime.\n- `BestEffortParallel`: Updates Members in parallel to minimize component write downtime. Majority remains online\nat all times.\n- `Parallel`: Forces parallel updates." - enum: - - "Serial" - - "BestEffortParallel" - - "Parallel" - type: "string" - required: - - "leader" - type: "object" - horizontalScalePolicy: - description: "Defines the behavior of horizontal scale." - properties: - backupPolicyTemplateName: - description: "Refers to the backup policy template." - type: "string" - type: - default: "None" - description: "Determines the data synchronization method when a component scales out.\nThe policy can be one of the following: {None, CloneVolume}. The default policy is `None`.\n\n\n- `None`: This is the default policy. It creates an empty volume without data cloning.\n- `CloneVolume`: This policy clones data to newly scaled pods. It first tries to use a volume snapshot.\n If volume snapshot is not enabled, it will attempt to use a backup tool. If neither method works, it will report an error.\n- `Snapshot`: This policy is deprecated and is an alias for CloneVolume." - enum: - - "None" - - "CloneVolume" - - "Snapshot" - type: "string" - volumeMountsName: - description: "Specifies the volumeMount of the container to backup.\nThis only works if Type is not None. If not specified, the first volumeMount will be selected." - type: "string" - type: "object" - logConfigs: - description: "Specify the logging files which can be observed and configured by cluster users." - items: - properties: - filePathPattern: - description: "Specifies the paths or patterns identifying where the log files are stored.\nThis field allows the system to locate and manage log files effectively.\n\n\nExamples:\n\n\n- /home/postgres/pgdata/pgroot/data/log/postgresql-*\n- /data/mysql/log/mysqld-error.log" - maxLength: 4096 - type: "string" - name: - description: "Specifies a descriptive label for the log type, such as 'slow' for a MySQL slow log file.\nIt provides a clear identification of the log's purpose and content." - maxLength: 128 - type: "string" - required: - - "filePathPattern" - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - name: - description: "This name could be used as default name of `cluster.spec.componentSpecs.name`, and needs to conform with same\nvalidation rules as `cluster.spec.componentSpecs.name`, currently complying with IANA Service Naming rule.\nThis name will apply to cluster objects as the value of label \"apps.kubeblocks.io/component-name\"." - maxLength: 22 - pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$" - type: "string" - podSpec: - description: "Defines the pod spec template of component." - properties: - activeDeadlineSeconds: - description: "Optional duration in seconds the pod may be active on the node relative to\nStartTime before the system will actively try to mark it failed and kill associated containers.\nValue must be a positive integer." - format: "int64" - type: "integer" - affinity: - description: "If specified, the pod's scheduling constraints" - properties: - nodeAffinity: - description: "Describes node affinity scheduling rules for the pod." - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." - items: - description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." - properties: - preference: - description: "A node selector term, associated with the corresponding weight." - properties: - matchExpressions: - description: "A list of node selector requirements by node's labels." - items: - description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." - properties: - key: - description: "The label key that the selector applies to." - type: "string" - operator: - description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." - type: "string" - values: - description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchFields: - description: "A list of node selector requirements by node's fields." - items: - description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." - properties: - key: - description: "The label key that the selector applies to." - type: "string" - operator: - description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." - type: "string" - values: - description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - type: "object" - x-kubernetes-map-type: "atomic" - weight: - description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." - format: "int32" - type: "integer" - required: - - "preference" - - "weight" - type: "object" - type: "array" - requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." - properties: - nodeSelectorTerms: - description: "Required. A list of node selector terms. The terms are ORed." - items: - description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." - properties: - matchExpressions: - description: "A list of node selector requirements by node's labels." - items: - description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." - properties: - key: - description: "The label key that the selector applies to." - type: "string" - operator: - description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." - type: "string" - values: - description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchFields: - description: "A list of node selector requirements by node's fields." - items: - description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." - properties: - key: - description: "The label key that the selector applies to." - type: "string" - operator: - description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." - type: "string" - values: - description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - type: "object" - x-kubernetes-map-type: "atomic" - type: "array" - required: - - "nodeSelectorTerms" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - podAffinity: - description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." - items: - description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" - properties: - podAffinityTerm: - description: "Required. A pod affinity term, associated with the corresponding weight." - properties: - labelSelector: - description: "A label query over a set of resources, in this case pods." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - namespaceSelector: - description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." - items: - type: "string" - type: "array" - topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." - type: "string" - required: - - "topologyKey" - type: "object" - weight: - description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." - format: "int32" - type: "integer" - required: - - "podAffinityTerm" - - "weight" - type: "object" - type: "array" - requiredDuringSchedulingIgnoredDuringExecution: - description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." - items: - description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" - properties: - labelSelector: - description: "A label query over a set of resources, in this case pods." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - namespaceSelector: - description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." - items: - type: "string" - type: "array" - topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." - type: "string" - required: - - "topologyKey" - type: "object" - type: "array" - type: "object" - podAntiAffinity: - description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." - properties: - preferredDuringSchedulingIgnoredDuringExecution: - description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." - items: - description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" - properties: - podAffinityTerm: - description: "Required. A pod affinity term, associated with the corresponding weight." - properties: - labelSelector: - description: "A label query over a set of resources, in this case pods." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - namespaceSelector: - description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." - items: - type: "string" - type: "array" - topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." - type: "string" - required: - - "topologyKey" - type: "object" - weight: - description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." - format: "int32" - type: "integer" - required: - - "podAffinityTerm" - - "weight" - type: "object" - type: "array" - requiredDuringSchedulingIgnoredDuringExecution: - description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." - items: - description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" - properties: - labelSelector: - description: "A label query over a set of resources, in this case pods." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - namespaceSelector: - description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - namespaces: - description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." - items: - type: "string" - type: "array" - topologyKey: - description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." - type: "string" - required: - - "topologyKey" - type: "object" - type: "array" - type: "object" - type: "object" - automountServiceAccountToken: - description: "AutomountServiceAccountToken indicates whether a service account token should be automatically mounted." - type: "boolean" - containers: - description: "List of containers belonging to the pod.\nContainers cannot currently be added or removed.\nThere must be at least one container in a Pod.\nCannot be updated." - items: - description: "A single application container that you want to run within a pod." - properties: - args: - description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" - items: - type: "string" - type: "array" - command: - description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" - items: - type: "string" - type: "array" - env: - description: "List of environment variables to set in the container.\nCannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" - envFrom: - description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." - items: - description: "EnvFromSource represents the source of a set of ConfigMaps" - properties: - configMapRef: - description: "The ConfigMap to select from" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - prefix: - description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." - type: "string" - secretRef: - description: "The Secret to select from" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "array" - image: - description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." - type: "string" - imagePullPolicy: - description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" - type: "string" - lifecycle: - description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." - properties: - postStart: - description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - type: "object" - preStop: - description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - type: "object" - type: "object" - livenessProbe: - description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." - format: "int32" - type: "integer" - grpc: - description: "GRPC specifies an action involving a GRPC port." - properties: - port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." - format: "int32" - type: "integer" - service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." - type: "string" - required: - - "port" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - periodSeconds: - description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." - format: "int32" - type: "integer" - successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." - format: "int32" - type: "integer" - tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." - format: "int64" - type: "integer" - timeoutSeconds: - description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - type: "object" - name: - description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." - type: "string" - ports: - description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." - items: - description: "ContainerPort represents a network port in a single container." - properties: - containerPort: - description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." - format: "int32" - type: "integer" - hostIP: - description: "What host IP to bind the external port to." - type: "string" - hostPort: - description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." - format: "int32" - type: "integer" - name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." - type: "string" - protocol: - default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." - type: "string" - required: - - "containerPort" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "containerPort" - - "protocol" - x-kubernetes-list-type: "map" - readinessProbe: - description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." - format: "int32" - type: "integer" - grpc: - description: "GRPC specifies an action involving a GRPC port." - properties: - port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." - format: "int32" - type: "integer" - service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." - type: "string" - required: - - "port" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - periodSeconds: - description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." - format: "int32" - type: "integer" - successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." - format: "int32" - type: "integer" - tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." - format: "int64" - type: "integer" - timeoutSeconds: - description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - type: "object" - resizePolicy: - description: "Resources resize policy for the container." - items: - description: "ContainerResizePolicy represents resource resize policy for the container." - properties: - resourceName: - description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." - type: "string" - restartPolicy: - description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." - type: "string" - required: - - "resourceName" - - "restartPolicy" - type: "object" - type: "array" - x-kubernetes-list-type: "atomic" - resources: - description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." - type: "string" - securityContext: - description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" - properties: - allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." - type: "boolean" - capabilities: - description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." - properties: - add: - description: "Added capabilities" - items: - description: "Capability represent POSIX capabilities type" - type: "string" - type: "array" - drop: - description: "Removed capabilities" - items: - description: "Capability represent POSIX capabilities type" - type: "string" - type: "array" - type: "object" - privileged: - description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." - type: "boolean" - procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." - type: "string" - readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." - type: "boolean" - runAsGroup: - description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." - format: "int64" - type: "integer" - runAsNonRoot: - description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." - type: "boolean" - runAsUser: - description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." - format: "int64" - type: "integer" - seLinuxOptions: - description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." - properties: - level: - description: "Level is SELinux level label that applies to the container." - type: "string" - role: - description: "Role is a SELinux role label that applies to the container." - type: "string" - type: - description: "Type is a SELinux type label that applies to the container." - type: "string" - user: - description: "User is a SELinux user label that applies to the container." - type: "string" - type: "object" - seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." - properties: - localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." - type: "string" - type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." - type: "string" - required: - - "type" - type: "object" - windowsOptions: - description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." - properties: - gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." - type: "string" - gmsaCredentialSpecName: - description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." - type: "string" - hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." - type: "boolean" - runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." - type: "string" - type: "object" - type: "object" - startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." - format: "int32" - type: "integer" - grpc: - description: "GRPC specifies an action involving a GRPC port." - properties: - port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." - format: "int32" - type: "integer" - service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." - type: "string" - required: - - "port" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - periodSeconds: - description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." - format: "int32" - type: "integer" - successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." - format: "int32" - type: "integer" - tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." - format: "int64" - type: "integer" - timeoutSeconds: - description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - type: "object" - stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." - type: "boolean" - stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" - type: "boolean" - terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." - type: "string" - terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." - type: "string" - tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." - type: "boolean" - volumeDevices: - description: "volumeDevices is the list of block devices to be used by the container." - items: - description: "volumeDevice describes a mapping of a raw block device within a container." - properties: - devicePath: - description: "devicePath is the path inside of the container that the device will be mapped to." - type: "string" - name: - description: "name must match the name of a persistentVolumeClaim in the pod" - type: "string" - required: - - "devicePath" - - "name" - type: "object" - type: "array" - volumeMounts: - description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." - items: - description: "VolumeMount describes a mounting of a Volume within a container." - properties: - mountPath: - description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." - type: "string" - mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." - type: "string" - name: - description: "This must match the Name of a Volume." - type: "string" - readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." - type: "boolean" - subPath: - description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." - type: "string" - subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." - type: "string" - required: - - "mountPath" - - "name" - type: "object" - type: "array" - workingDir: - description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." - type: "string" - required: - - "name" - type: "object" - type: "array" - dnsConfig: - description: "Specifies the DNS parameters of a pod.\nParameters specified here will be merged to the generated DNS\nconfiguration based on DNSPolicy." - properties: - nameservers: - description: "A list of DNS name server IP addresses.\nThis will be appended to the base nameservers generated from DNSPolicy.\nDuplicated nameservers will be removed." - items: - type: "string" - type: "array" - options: - description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." - items: - description: "PodDNSConfigOption defines DNS resolver options of a pod." - properties: - name: - description: "Required." - type: "string" - value: - type: "string" - type: "object" - type: "array" - searches: - description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." - items: - type: "string" - type: "array" - type: "object" - dnsPolicy: - description: "Set DNS policy for the pod.\nDefaults to \"ClusterFirst\".\nValid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.\nDNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.\nTo have DNS options set along with hostNetwork, you have to specify DNS policy\nexplicitly to 'ClusterFirstWithHostNet'." - type: "string" - enableServiceLinks: - description: "EnableServiceLinks indicates whether information about services should be injected into pod's\nenvironment variables, matching the syntax of Docker links.\nOptional: Defaults to true." - type: "boolean" - ephemeralContainers: - description: "List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing\npod to perform user-initiated actions such as debugging. This list cannot be specified when\ncreating a pod, and it cannot be modified by updating the pod spec. In order to add an\nephemeral container to an existing pod, use the pod's ephemeralcontainers subresource." - items: - description: "An EphemeralContainer is a temporary container that you may add to an existing Pod for\nuser-initiated activities such as debugging. Ephemeral containers have no resource or\nscheduling guarantees, and they will not be restarted when they exit or when a Pod is\nremoved or restarted. The kubelet may evict a Pod if an ephemeral container causes the\nPod to exceed its resource allocation.\n\n\nTo add an ephemeral container, use the ephemeralcontainers subresource of an existing\nPod. Ephemeral containers may not be removed or restarted." - properties: - args: - description: "Arguments to the entrypoint.\nThe image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" - items: - type: "string" - type: "array" - command: - description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" - items: - type: "string" - type: "array" - env: - description: "List of environment variables to set in the container.\nCannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" - envFrom: - description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." - items: - description: "EnvFromSource represents the source of a set of ConfigMaps" - properties: - configMapRef: - description: "The ConfigMap to select from" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - prefix: - description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." - type: "string" - secretRef: - description: "The Secret to select from" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "array" - image: - description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images" - type: "string" - imagePullPolicy: - description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" - type: "string" - lifecycle: - description: "Lifecycle is not allowed for ephemeral containers." - properties: - postStart: - description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - type: "object" - preStop: - description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - type: "object" - type: "object" - livenessProbe: - description: "Probes are not allowed for ephemeral containers." - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." - format: "int32" - type: "integer" - grpc: - description: "GRPC specifies an action involving a GRPC port." - properties: - port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." - format: "int32" - type: "integer" - service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." - type: "string" - required: - - "port" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - periodSeconds: - description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." - format: "int32" - type: "integer" - successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." - format: "int32" - type: "integer" - tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." - format: "int64" - type: "integer" - timeoutSeconds: - description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - type: "object" - name: - description: "Name of the ephemeral container specified as a DNS_LABEL.\nThis name must be unique among all containers, init containers and ephemeral containers." - type: "string" - ports: - description: "Ports are not allowed for ephemeral containers." - items: - description: "ContainerPort represents a network port in a single container." - properties: - containerPort: - description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." - format: "int32" - type: "integer" - hostIP: - description: "What host IP to bind the external port to." - type: "string" - hostPort: - description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." - format: "int32" - type: "integer" - name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." - type: "string" - protocol: - default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." - type: "string" - required: - - "containerPort" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "containerPort" - - "protocol" - x-kubernetes-list-type: "map" - readinessProbe: - description: "Probes are not allowed for ephemeral containers." - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." - format: "int32" - type: "integer" - grpc: - description: "GRPC specifies an action involving a GRPC port." - properties: - port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." - format: "int32" - type: "integer" - service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." - type: "string" - required: - - "port" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - periodSeconds: - description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." - format: "int32" - type: "integer" - successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." - format: "int32" - type: "integer" - tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." - format: "int64" - type: "integer" - timeoutSeconds: - description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - type: "object" - resizePolicy: - description: "Resources resize policy for the container." - items: - description: "ContainerResizePolicy represents resource resize policy for the container." - properties: - resourceName: - description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." - type: "string" - restartPolicy: - description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." - type: "string" - required: - - "resourceName" - - "restartPolicy" - type: "object" - type: "array" - x-kubernetes-list-type: "atomic" - resources: - description: "Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources\nalready allocated to the pod." - properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - restartPolicy: - description: "Restart policy for the container to manage the restart behavior of each\ncontainer within a pod.\nThis may only be set for init containers. You cannot set this field on\nephemeral containers." - type: "string" - securityContext: - description: "Optional: SecurityContext defines the security options the ephemeral container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext." - properties: - allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." - type: "boolean" - capabilities: - description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." - properties: - add: - description: "Added capabilities" - items: - description: "Capability represent POSIX capabilities type" - type: "string" - type: "array" - drop: - description: "Removed capabilities" - items: - description: "Capability represent POSIX capabilities type" - type: "string" - type: "array" - type: "object" - privileged: - description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." - type: "boolean" - procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." - type: "string" - readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." - type: "boolean" - runAsGroup: - description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." - format: "int64" - type: "integer" - runAsNonRoot: - description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." - type: "boolean" - runAsUser: - description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." - format: "int64" - type: "integer" - seLinuxOptions: - description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." - properties: - level: - description: "Level is SELinux level label that applies to the container." - type: "string" - role: - description: "Role is a SELinux role label that applies to the container." - type: "string" - type: - description: "Type is a SELinux type label that applies to the container." - type: "string" - user: - description: "User is a SELinux user label that applies to the container." - type: "string" - type: "object" - seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." - properties: - localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." - type: "string" - type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." - type: "string" - required: - - "type" - type: "object" - windowsOptions: - description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." - properties: - gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." - type: "string" - gmsaCredentialSpecName: - description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." - type: "string" - hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." - type: "boolean" - runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." - type: "string" - type: "object" - type: "object" - startupProbe: - description: "Probes are not allowed for ephemeral containers." - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." - format: "int32" - type: "integer" - grpc: - description: "GRPC specifies an action involving a GRPC port." - properties: - port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." - format: "int32" - type: "integer" - service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." - type: "string" - required: - - "port" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - periodSeconds: - description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." - format: "int32" - type: "integer" - successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." - format: "int32" - type: "integer" - tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." - format: "int64" - type: "integer" - timeoutSeconds: - description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - type: "object" - stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." - type: "boolean" - stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" - type: "boolean" - targetContainerName: - description: "If set, the name of the container from PodSpec that this ephemeral container targets.\nThe ephemeral container will be run in the namespaces (IPC, PID, etc) of this container.\nIf not set then the ephemeral container uses the namespaces configured in the Pod spec.\n\n\nThe container runtime must implement support for this feature. If the runtime does not\nsupport namespace targeting then the result of setting this field is undefined." - type: "string" - terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." - type: "string" - terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." - type: "string" - tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." - type: "boolean" - volumeDevices: - description: "volumeDevices is the list of block devices to be used by the container." - items: - description: "volumeDevice describes a mapping of a raw block device within a container." - properties: - devicePath: - description: "devicePath is the path inside of the container that the device will be mapped to." - type: "string" - name: - description: "name must match the name of a persistentVolumeClaim in the pod" - type: "string" - required: - - "devicePath" - - "name" - type: "object" - type: "array" - volumeMounts: - description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated." - items: - description: "VolumeMount describes a mounting of a Volume within a container." - properties: - mountPath: - description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." - type: "string" - mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." - type: "string" - name: - description: "This must match the Name of a Volume." - type: "string" - readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." - type: "boolean" - subPath: - description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." - type: "string" - subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." - type: "string" - required: - - "mountPath" - - "name" - type: "object" - type: "array" - workingDir: - description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." - type: "string" - required: - - "name" - type: "object" - type: "array" - hostAliases: - description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts\nfile if specified. This is only valid for non-hostNetwork pods." - items: - description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the\npod's hosts file." - properties: - hostnames: - description: "Hostnames for the above IP address." - items: - type: "string" - type: "array" - ip: - description: "IP address of the host file entry." - type: "string" - type: "object" - type: "array" - hostIPC: - description: "Use the host's ipc namespace.\nOptional: Default to false." - type: "boolean" - hostNetwork: - description: "Host networking requested for this pod. Use the host's network namespace.\nIf this option is set, the ports that will be used must be specified.\nDefault to false." - type: "boolean" - hostPID: - description: "Use the host's pid namespace.\nOptional: Default to false." - type: "boolean" - hostUsers: - description: "Use the host's user namespace.\nOptional: Default to true.\nIf set to true or not present, the pod will be run in the host user namespace, useful\nfor when the pod needs a feature only available to the host user namespace, such as\nloading a kernel module with CAP_SYS_MODULE.\nWhen set to false, a new userns is created for the pod. Setting false is useful for\nmitigating container breakout vulnerabilities even allowing users to run their\ncontainers as root without actually having root privileges on the host.\nThis field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature." - type: "boolean" - hostname: - description: "Specifies the hostname of the Pod\nIf not specified, the pod's hostname will be set to a system-defined value." - type: "string" - imagePullSecrets: - description: "ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec.\nIf specified, these secrets will be passed to individual puller implementations for them to use.\nMore info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod" - items: - description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - type: "array" - initContainers: - description: "List of initialization containers belonging to the pod.\nInit containers are executed in order prior to containers being started. If any\ninit container fails, the pod is considered to have failed and is handled according\nto its restartPolicy. The name for an init container or normal container must be\nunique among all containers.\nInit containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.\nThe resourceRequirements of an init container are taken into account during scheduling\nby finding the highest request/limit for each resource type, and then using the max of\nof that value or the sum of the normal containers. Limits are applied to init containers\nin a similar fashion.\nInit containers cannot currently be added or removed.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/" - items: - description: "A single application container that you want to run within a pod." - properties: - args: - description: "Arguments to the entrypoint.\nThe container image's CMD is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" - items: - type: "string" - type: "array" - command: - description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" - items: - type: "string" - type: "array" - env: - description: "List of environment variables to set in the container.\nCannot be updated." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" - envFrom: - description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." - items: - description: "EnvFromSource represents the source of a set of ConfigMaps" - properties: - configMapRef: - description: "The ConfigMap to select from" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - prefix: - description: "An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER." - type: "string" - secretRef: - description: "The Secret to select from" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - type: "array" - image: - description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." - type: "string" - imagePullPolicy: - description: "Image pull policy.\nOne of Always, Never, IfNotPresent.\nDefaults to Always if :latest tag is specified, or IfNotPresent otherwise.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/containers/images#updating-images" - type: "string" - lifecycle: - description: "Actions that the management system should take in response to container lifecycle events.\nCannot be updated." - properties: - postStart: - description: "PostStart is called immediately after a container is created. If the handler fails,\nthe container is terminated and restarted according to its restart policy.\nOther management of the container blocks until the hook completes.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - type: "object" - preStop: - description: "PreStop is called immediately before a container is terminated due to an\nAPI request or management event such as liveness/startup probe failure,\npreemption, resource contention, etc. The handler is not called if the\ncontainer crashes or exits. The Pod's termination grace period countdown begins before the\nPreStop hook is executed. Regardless of the outcome of the handler, the\ncontainer will eventually terminate within the Pod's termination grace\nperiod (unless delayed by finalizers). Other management of the container blocks until the hook completes\nor until the termination grace period is reached.\nMore info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - tcpSocket: - description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - type: "object" - type: "object" - livenessProbe: - description: "Periodic probe of container liveness.\nContainer will be restarted if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." - format: "int32" - type: "integer" - grpc: - description: "GRPC specifies an action involving a GRPC port." - properties: - port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." - format: "int32" - type: "integer" - service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." - type: "string" - required: - - "port" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - periodSeconds: - description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." - format: "int32" - type: "integer" - successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." - format: "int32" - type: "integer" - tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." - format: "int64" - type: "integer" - timeoutSeconds: - description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - type: "object" - name: - description: "Name of the container specified as a DNS_LABEL.\nEach container in a pod must have a unique name (DNS_LABEL).\nCannot be updated." - type: "string" - ports: - description: "List of ports to expose from the container. Not specifying a port here\nDOES NOT prevent that port from being exposed. Any port which is\nlistening on the default \"0.0.0.0\" address inside a container will be\naccessible from the network.\nModifying this array with strategic merge patch may corrupt the data.\nFor more information See https://github.com/kubernetes/kubernetes/issues/108255.\nCannot be updated." - items: - description: "ContainerPort represents a network port in a single container." - properties: - containerPort: - description: "Number of port to expose on the pod's IP address.\nThis must be a valid port number, 0 < x < 65536." - format: "int32" - type: "integer" - hostIP: - description: "What host IP to bind the external port to." - type: "string" - hostPort: - description: "Number of port to expose on the host.\nIf specified, this must be a valid port number, 0 < x < 65536.\nIf HostNetwork is specified, this must match ContainerPort.\nMost containers do not need this." - format: "int32" - type: "integer" - name: - description: "If specified, this must be an IANA_SVC_NAME and unique within the pod. Each\nnamed port in a pod must have a unique name. Name for the port that can be\nreferred to by services." - type: "string" - protocol: - default: "TCP" - description: "Protocol for port. Must be UDP, TCP, or SCTP.\nDefaults to \"TCP\"." - type: "string" - required: - - "containerPort" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "containerPort" - - "protocol" - x-kubernetes-list-type: "map" - readinessProbe: - description: "Periodic probe of container service readiness.\nContainer will be removed from service endpoints if the probe fails.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." - format: "int32" - type: "integer" - grpc: - description: "GRPC specifies an action involving a GRPC port." - properties: - port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." - format: "int32" - type: "integer" - service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." - type: "string" - required: - - "port" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - periodSeconds: - description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." - format: "int32" - type: "integer" - successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." - format: "int32" - type: "integer" - tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." - format: "int64" - type: "integer" - timeoutSeconds: - description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - type: "object" - resizePolicy: - description: "Resources resize policy for the container." - items: - description: "ContainerResizePolicy represents resource resize policy for the container." - properties: - resourceName: - description: "Name of the resource to which this resource resize policy applies.\nSupported values: cpu, memory." - type: "string" - restartPolicy: - description: "Restart policy to apply when specified resource is resized.\nIf not specified, it defaults to NotRequired." - type: "string" - required: - - "resourceName" - - "restartPolicy" - type: "object" - type: "array" - x-kubernetes-list-type: "atomic" - resources: - description: "Compute Resources required by this container.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - restartPolicy: - description: "RestartPolicy defines the restart behavior of individual containers in a pod.\nThis field may only be set for init containers, and the only allowed value is \"Always\".\nFor non-init containers or when this field is not specified,\nthe restart behavior is defined by the Pod's restart policy and the container type.\nSetting the RestartPolicy as \"Always\" for the init container will have the following effect:\nthis init container will be continually restarted on\nexit until all regular containers have terminated. Once all regular\ncontainers have completed, all init containers with restartPolicy \"Always\"\nwill be shut down. This lifecycle differs from normal init containers and\nis often referred to as a \"sidecar\" container. Although this init\ncontainer still starts in the init container sequence, it does not wait\nfor the container to complete before proceeding to the next init\ncontainer. Instead, the next init container starts immediately after this\ninit container is started, or after any startupProbe has successfully\ncompleted." - type: "string" - securityContext: - description: "SecurityContext defines the security options the container should be run with.\nIf set, the fields of SecurityContext override the equivalent fields of PodSecurityContext.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/" - properties: - allowPrivilegeEscalation: - description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." - type: "boolean" - capabilities: - description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." - properties: - add: - description: "Added capabilities" - items: - description: "Capability represent POSIX capabilities type" - type: "string" - type: "array" - drop: - description: "Removed capabilities" - items: - description: "Capability represent POSIX capabilities type" - type: "string" - type: "array" - type: "object" - privileged: - description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." - type: "boolean" - procMount: - description: "procMount denotes the type of proc mount to use for the containers.\nThe default is DefaultProcMount which uses the container runtime defaults for\nreadonly paths and masked paths.\nThis requires the ProcMountType feature flag to be enabled.\nNote that this field cannot be set when spec.os.name is windows." - type: "string" - readOnlyRootFilesystem: - description: "Whether this container has a read-only root filesystem.\nDefault is false.\nNote that this field cannot be set when spec.os.name is windows." - type: "boolean" - runAsGroup: - description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." - format: "int64" - type: "integer" - runAsNonRoot: - description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." - type: "boolean" - runAsUser: - description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." - format: "int64" - type: "integer" - seLinuxOptions: - description: "The SELinux context to be applied to the container.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is windows." - properties: - level: - description: "Level is SELinux level label that applies to the container." - type: "string" - role: - description: "Role is a SELinux role label that applies to the container." - type: "string" - type: - description: "Type is a SELinux type label that applies to the container." - type: "string" - user: - description: "User is a SELinux user label that applies to the container." - type: "string" - type: "object" - seccompProfile: - description: "The seccomp options to use by this container. If seccomp options are\nprovided at both the pod & container level, the container options\noverride the pod options.\nNote that this field cannot be set when spec.os.name is windows." - properties: - localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." - type: "string" - type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." - type: "string" - required: - - "type" - type: "object" - windowsOptions: - description: "The Windows specific settings applied to all containers.\nIf unspecified, the options from the PodSecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." - properties: - gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." - type: "string" - gmsaCredentialSpecName: - description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." - type: "string" - hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." - type: "boolean" - runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." - type: "string" - type: "object" - type: "object" - startupProbe: - description: "StartupProbe indicates that the Pod has successfully initialized.\nIf specified, no other probes are executed until this completes successfully.\nIf this probe fails, the Pod will be restarted, just as if the livenessProbe failed.\nThis can be used to provide different probe parameters at the beginning of a Pod's lifecycle,\nwhen it might take a long time to load data or warm a cache, than during steady-state operation.\nThis cannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - properties: - exec: - description: "Exec specifies the action to take." - properties: - command: - description: "Command is the command line to execute inside the container, the working directory for the\ncommand is root ('/') in the container's filesystem. The command is simply exec'd, it is\nnot run inside a shell, so traditional shell instructions ('|', etc) won't work. To use\na shell, you need to explicitly call out to that shell.\nExit status of 0 is treated as live/healthy and non-zero is unhealthy." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." - format: "int32" - type: "integer" - grpc: - description: "GRPC specifies an action involving a GRPC port." - properties: - port: - description: "Port number of the gRPC service. Number must be in the range 1 to 65535." - format: "int32" - type: "integer" - service: - description: "Service is the name of the service to place in the gRPC HealthCheckRequest\n(see https://github.com/grpc/grpc/blob/master/doc/health-checking.md).\n\n\nIf this is not specified, the default behavior is defined by gRPC." - type: "string" - required: - - "port" - type: "object" - httpGet: - description: "HTTPGet specifies the http request to perform." - properties: - host: - description: "Host name to connect to, defaults to the pod IP. You probably want to set\n\"Host\" in httpHeaders instead." - type: "string" - httpHeaders: - description: "Custom headers to set in the request. HTTP allows repeated headers." - items: - description: "HTTPHeader describes a custom header to be used in HTTP probes" - properties: - name: - description: "The header field name.\nThis will be canonicalized upon output, so case-variant names will be understood as the same header." - type: "string" - value: - description: "The header field value" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - path: - description: "Path to access on the HTTP server." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Name or number of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - scheme: - description: "Scheme to use for connecting to the host.\nDefaults to HTTP." - type: "string" - required: - - "port" - type: "object" - initialDelaySeconds: - description: "Number of seconds after the container has started before liveness probes are initiated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - periodSeconds: - description: "How often (in seconds) to perform the probe.\nDefault to 10 seconds. Minimum value is 1." - format: "int32" - type: "integer" - successThreshold: - description: "Minimum consecutive successes for the probe to be considered successful after having failed.\nDefaults to 1. Must be 1 for liveness and startup. Minimum value is 1." - format: "int32" - type: "integer" - tcpSocket: - description: "TCPSocket specifies an action involving a TCP port." - properties: - host: - description: "Optional: Host name to connect to, defaults to the pod IP." - type: "string" - port: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the container.\nNumber must be in the range 1 to 65535.\nName must be an IANA_SVC_NAME." - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully upon probe failure.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nIf this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this\nvalue overrides the value provided by the pod spec.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nThis is a beta field and requires enabling ProbeTerminationGracePeriod feature gate.\nMinimum value is 1. spec.terminationGracePeriodSeconds is used if unset." - format: "int64" - type: "integer" - timeoutSeconds: - description: "Number of seconds after which the probe times out.\nDefaults to 1 second. Minimum value is 1.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes" - format: "int32" - type: "integer" - type: "object" - stdin: - description: "Whether this container should allocate a buffer for stdin in the container runtime. If this\nis not set, reads from stdin in the container will always result in EOF.\nDefault is false." - type: "boolean" - stdinOnce: - description: "Whether the container runtime should close the stdin channel after it has been opened by\na single attach. When stdin is true the stdin stream will remain open across multiple attach\nsessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the\nfirst client attaches to stdin, and then remains open and accepts data until the client disconnects,\nat which time stdin is closed and remains closed until the container is restarted. If this\nflag is false, a container processes that reads from stdin will never receive an EOF.\nDefault is false" - type: "boolean" - terminationMessagePath: - description: "Optional: Path at which the file to which the container's termination message\nwill be written is mounted into the container's filesystem.\nMessage written is intended to be brief final status, such as an assertion failure message.\nWill be truncated by the node if greater than 4096 bytes. The total message length across\nall containers will be limited to 12kb.\nDefaults to /dev/termination-log.\nCannot be updated." - type: "string" - terminationMessagePolicy: - description: "Indicate how the termination message should be populated. File will use the contents of\nterminationMessagePath to populate the container status message on both success and failure.\nFallbackToLogsOnError will use the last chunk of container log output if the termination\nmessage file is empty and the container exited with an error.\nThe log output is limited to 2048 bytes or 80 lines, whichever is smaller.\nDefaults to File.\nCannot be updated." - type: "string" - tty: - description: "Whether this container should allocate a TTY for itself, also requires 'stdin' to be true.\nDefault is false." - type: "boolean" - volumeDevices: - description: "volumeDevices is the list of block devices to be used by the container." - items: - description: "volumeDevice describes a mapping of a raw block device within a container." - properties: - devicePath: - description: "devicePath is the path inside of the container that the device will be mapped to." - type: "string" - name: - description: "name must match the name of a persistentVolumeClaim in the pod" - type: "string" - required: - - "devicePath" - - "name" - type: "object" - type: "array" - volumeMounts: - description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." - items: - description: "VolumeMount describes a mounting of a Volume within a container." - properties: - mountPath: - description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." - type: "string" - mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." - type: "string" - name: - description: "This must match the Name of a Volume." - type: "string" - readOnly: - description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." - type: "boolean" - subPath: - description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." - type: "string" - subPathExpr: - description: "Expanded path within the volume from which the container's volume should be mounted.\nBehaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment.\nDefaults to \"\" (volume's root).\nSubPathExpr and SubPath are mutually exclusive." - type: "string" - required: - - "mountPath" - - "name" - type: "object" - type: "array" - workingDir: - description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." - type: "string" - required: - - "name" - type: "object" - type: "array" - nodeName: - description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty,\nthe scheduler simply schedules this pod onto that node, assuming that it fits resource\nrequirements." - type: "string" - nodeSelector: - additionalProperties: - type: "string" - description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" - type: "object" - x-kubernetes-map-type: "atomic" - os: - description: "Specifies the OS of the containers in the pod.\nSome pod and container fields are restricted if this is set.\n\n\nIf the OS field is set to linux, the following fields must be unset:\n-securityContext.windowsOptions\n\n\nIf the OS field is set to windows, following fields must be unset:\n- spec.hostPID\n- spec.hostIPC\n- spec.hostUsers\n- spec.securityContext.seLinuxOptions\n- spec.securityContext.seccompProfile\n- spec.securityContext.fsGroup\n- spec.securityContext.fsGroupChangePolicy\n- spec.securityContext.sysctls\n- spec.shareProcessNamespace\n- spec.securityContext.runAsUser\n- spec.securityContext.runAsGroup\n- spec.securityContext.supplementalGroups\n- spec.containers[*].securityContext.seLinuxOptions\n- spec.containers[*].securityContext.seccompProfile\n- spec.containers[*].securityContext.capabilities\n- spec.containers[*].securityContext.readOnlyRootFilesystem\n- spec.containers[*].securityContext.privileged\n- spec.containers[*].securityContext.allowPrivilegeEscalation\n- spec.containers[*].securityContext.procMount\n- spec.containers[*].securityContext.runAsUser\n- spec.containers[*].securityContext.runAsGroup" - properties: - name: - description: "Name is the name of the operating system. The currently supported values are linux and windows.\nAdditional value may be defined in future and can be one of:\nhttps://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration\nClients should expect to handle additional values and treat unrecognized values in this field as os: null" - type: "string" - required: - - "name" - type: "object" - overhead: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Overhead represents the resource overhead associated with running a pod for a given RuntimeClass.\nThis field will be autopopulated at admission time by the RuntimeClass admission controller. If\nthe RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests.\nThe RuntimeClass admission controller will reject Pod create requests which have the overhead already\nset. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value\ndefined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero.\nMore info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md" - type: "object" - preemptionPolicy: - description: "PreemptionPolicy is the Policy for preempting pods with lower priority.\nOne of Never, PreemptLowerPriority.\nDefaults to PreemptLowerPriority if unset." - type: "string" - priority: - description: "The priority value. Various system components use this field to find the\npriority of the pod. When Priority Admission Controller is enabled, it\nprevents users from setting this field. The admission controller populates\nthis field from PriorityClassName.\nThe higher the value, the higher the priority." - format: "int32" - type: "integer" - priorityClassName: - description: "If specified, indicates the pod's priority. \"system-node-critical\" and\n\"system-cluster-critical\" are two special keywords which indicate the\nhighest priorities with the former being the highest priority. Any other\nname must be defined by creating a PriorityClass object with that name.\nIf not specified, the pod priority will be default or zero if there is no\ndefault." - type: "string" - readinessGates: - description: "If specified, all readiness gates will be evaluated for pod readiness.\nA pod is ready when all its containers are ready AND\nall conditions specified in the readiness gates have status equal to \"True\"\nMore info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates" - items: - description: "PodReadinessGate contains the reference to a pod condition" - properties: - conditionType: - description: "ConditionType refers to a condition in the pod's condition list with matching type." - type: "string" - required: - - "conditionType" - type: "object" - type: "array" - resourceClaims: - description: "ResourceClaims defines which ResourceClaims must be allocated\nand reserved before the Pod is allowed to start. The resources\nwill be made available to those containers which consume them\nby name.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable." - items: - description: "PodResourceClaim references exactly one ResourceClaim through a ClaimSource.\nIt adds a name to it that uniquely identifies the ResourceClaim inside the Pod.\nContainers that need access to the ResourceClaim reference it with this name." - properties: - name: - description: "Name uniquely identifies this resource claim inside the pod.\nThis must be a DNS_LABEL." - type: "string" - source: - description: "Source describes where to find the ResourceClaim." - properties: - resourceClaimName: - description: "ResourceClaimName is the name of a ResourceClaim object in the same\nnamespace as this pod." - type: "string" - resourceClaimTemplateName: - description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate\nobject in the same namespace as this pod.\n\n\nThe template will be used to create a new ResourceClaim, which will\nbe bound to this pod. When this pod is deleted, the ResourceClaim\nwill also be deleted. The pod name and resource name, along with a\ngenerated component, will be used to form a unique name for the\nResourceClaim, which will be recorded in pod.status.resourceClaimStatuses.\n\n\nThis field is immutable and no changes will be made to the\ncorresponding ResourceClaim by the control plane after creating the\nResourceClaim." - type: "string" - type: "object" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - restartPolicy: - description: "Restart policy for all containers within the pod.\nOne of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted.\nDefault to Always.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy" - type: "string" - runtimeClassName: - description: "RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used\nto run this pod. If no RuntimeClass resource matches the named class, the pod will not be run.\nIf unset or empty, the \"legacy\" RuntimeClass will be used, which is an implicit class with an\nempty definition that uses the default runtime handler.\nMore info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class" - type: "string" - schedulerName: - description: "If specified, the pod will be dispatched by specified scheduler.\nIf not specified, the pod will be dispatched by default scheduler." - type: "string" - schedulingGates: - description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod.\nIf schedulingGates is not empty, the pod will stay in the SchedulingGated state and the\nscheduler will not attempt to schedule the pod.\n\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.\n\n\nThis is a beta feature enabled by the PodSchedulingReadiness feature gate." - items: - description: "PodSchedulingGate is associated to a Pod to guard its scheduling." - properties: - name: - description: "Name of the scheduling gate.\nEach scheduling gate must have a unique name field." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - securityContext: - description: "SecurityContext holds pod-level security attributes and common container settings.\nOptional: Defaults to empty. See type description for default values of each field." - properties: - fsGroup: - description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." - format: "int64" - type: "integer" - fsGroupChangePolicy: - description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." - type: "string" - runAsGroup: - description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." - format: "int64" - type: "integer" - runAsNonRoot: - description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." - type: "boolean" - runAsUser: - description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." - format: "int64" - type: "integer" - seLinuxOptions: - description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." - properties: - level: - description: "Level is SELinux level label that applies to the container." - type: "string" - role: - description: "Role is a SELinux role label that applies to the container." - type: "string" - type: - description: "Type is a SELinux type label that applies to the container." - type: "string" - user: - description: "User is a SELinux user label that applies to the container." - type: "string" - type: "object" - seccompProfile: - description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." - properties: - localhostProfile: - description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." - type: "string" - type: - description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." - type: "string" - required: - - "type" - type: "object" - supplementalGroups: - description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." - items: - format: "int64" - type: "integer" - type: "array" - sysctls: - description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." - items: - description: "Sysctl defines a kernel parameter to be set" - properties: - name: - description: "Name of a property to set" - type: "string" - value: - description: "Value of a property to set" - type: "string" - required: - - "name" - - "value" - type: "object" - type: "array" - windowsOptions: - description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." - properties: - gmsaCredentialSpec: - description: "GMSACredentialSpec is where the GMSA admission webhook\n(https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the\nGMSA credential spec named by the GMSACredentialSpecName field." - type: "string" - gmsaCredentialSpecName: - description: "GMSACredentialSpecName is the name of the GMSA credential spec to use." - type: "string" - hostProcess: - description: "HostProcess determines if a container should be run as a 'Host Process' container.\nAll of a Pod's containers must have the same effective HostProcess value\n(it is not allowed to have a mix of HostProcess containers and non-HostProcess containers).\nIn addition, if HostProcess is true then HostNetwork must also be set to true." - type: "boolean" - runAsUserName: - description: "The UserName in Windows to run the entrypoint of the container process.\nDefaults to the user specified in image metadata if unspecified.\nMay also be set in PodSecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." - type: "string" - type: "object" - type: "object" - serviceAccount: - description: "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.\nDeprecated: Use serviceAccountName instead." - type: "string" - serviceAccountName: - description: "ServiceAccountName is the name of the ServiceAccount to use to run this pod.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/" - type: "string" - setHostnameAsFQDN: - description: "If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default).\nIn Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname).\nIn Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\\\SYSTEM\\\\CurrentControlSet\\\\Services\\\\Tcpip\\\\Parameters to FQDN.\nIf a pod does not have FQDN, this has no effect.\nDefault to false." - type: "boolean" - shareProcessNamespace: - description: "Share a single process namespace between all of the containers in a pod.\nWhen this is set containers will be able to view and signal processes from other containers\nin the same pod, and the first process in each container will not be assigned PID 1.\nHostPID and ShareProcessNamespace cannot both be set.\nOptional: Default to false." - type: "boolean" - subdomain: - description: "If specified, the fully qualified Pod hostname will be \"...svc.\".\nIf not specified, the pod will not have a domainname at all." - type: "string" - terminationGracePeriodSeconds: - description: "Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request.\nValue must be non-negative integer. The value zero indicates stop immediately via\nthe kill signal (no opportunity to shut down).\nIf this value is nil, the default grace period will be used instead.\nThe grace period is the duration in seconds after the processes running in the pod are sent\na termination signal and the time when the processes are forcibly halted with a kill signal.\nSet this value longer than the expected cleanup time for your process.\nDefaults to 30 seconds." - format: "int64" - type: "integer" - tolerations: - description: "If specified, the pod's tolerations." - items: - description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." - properties: - effect: - description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." - type: "string" - key: - description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." - type: "string" - operator: - description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." - type: "string" - tolerationSeconds: - description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." - format: "int64" - type: "integer" - value: - description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." - type: "string" - type: "object" - type: "array" - topologySpreadConstraints: - description: "TopologySpreadConstraints describes how a group of pods ought to spread across topology\ndomains. Scheduler will schedule pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed." - items: - description: "TopologySpreadConstraint specifies how to spread matching pods among the given topology." - properties: - labelSelector: - description: "LabelSelector is used to find matching pods.\nPods that match this label selector are counted to determine the number of pods\nin their corresponding topology domain." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select the pods over which\nspreading will be calculated. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are ANDed with labelSelector\nto select the group of existing pods over which spreading will be calculated\nfor the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nMatchLabelKeys cannot be set when LabelSelector isn't set.\nKeys that don't exist in the incoming pod labels will\nbe ignored. A null or empty list means only match against labelSelector.\n\n\nThis is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default)." - items: - type: "string" - type: "array" - x-kubernetes-list-type: "atomic" - maxSkew: - description: "MaxSkew describes the degree to which pods may be unevenly distributed.\nWhen `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference\nbetween the number of matching pods in the target topology and the global minimum.\nThe global minimum is the minimum number of matching pods in an eligible domain\nor zero if the number of eligible domains is less than MinDomains.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 2/2/1:\nIn this case, the global minimum is 1.\n| zone1 | zone2 | zone3 |\n| P P | P P | P |\n- if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2;\nscheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2)\nviolate MaxSkew(1).\n- if MaxSkew is 2, incoming pod can be scheduled onto any zone.\nWhen `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence\nto topologies that satisfy it.\nIt's a required field. Default value is 1 and 0 is not allowed." - format: "int32" - type: "integer" - minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." - format: "int32" - type: "integer" - nodeAffinityPolicy: - description: "NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector\nwhen calculating pod topology spread skew. Options are:\n- Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations.\n- Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations.\n\n\nIf this value is nil, the behavior is equivalent to the Honor policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." - type: "string" - nodeTaintsPolicy: - description: "NodeTaintsPolicy indicates how we will treat node taints when calculating\npod topology spread skew. Options are:\n- Honor: nodes without taints, along with tainted nodes for which the incoming pod\nhas a toleration, are included.\n- Ignore: node taints are ignored. All nodes are included.\n\n\nIf this value is nil, the behavior is equivalent to the Ignore policy.\nThis is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag." - type: "string" - topologyKey: - description: "TopologyKey is the key of node labels. Nodes that have a label with this key\nand identical values are considered to be in the same topology.\nWe consider each as a \"bucket\", and try to put balanced number\nof pods into each bucket.\nWe define a domain as a particular instance of a topology.\nAlso, we define an eligible domain as a domain whose nodes meet the requirements of\nnodeAffinityPolicy and nodeTaintsPolicy.\ne.g. If TopologyKey is \"kubernetes.io/hostname\", each Node is a domain of that topology.\nAnd, if TopologyKey is \"topology.kubernetes.io/zone\", each zone is a domain of that topology.\nIt's a required field." - type: "string" - whenUnsatisfiable: - description: "WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy\nthe spread constraint.\n- DoNotSchedule (default) tells the scheduler not to schedule it.\n- ScheduleAnyway tells the scheduler to schedule the pod in any location,\n but giving higher precedence to topologies that would help reduce the\n skew.\nA constraint is considered \"Unsatisfiable\" for an incoming pod\nif and only if every possible node assignment for that pod would violate\n\"MaxSkew\" on some topology.\nFor example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same\nlabelSelector spread as 3/1/1:\n| zone1 | zone2 | zone3 |\n| P P P | P | P |\nIf WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled\nto zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies\nMaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler\nwon't make it *more* imbalanced.\nIt's a required field." - type: "string" - required: - - "maxSkew" - - "topologyKey" - - "whenUnsatisfiable" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "topologyKey" - - "whenUnsatisfiable" - x-kubernetes-list-type: "map" - volumes: - description: "List of volumes that can be mounted by containers belonging to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes" - items: - description: "Volume represents a named volume in a pod that may be accessed by any container in the pod." - properties: - awsElasticBlockStore: - description: "awsElasticBlockStore represents an AWS Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - properties: - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - partition: - description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty)." - format: "int32" - type: "integer" - readOnly: - description: "readOnly value true will force the readOnly setting in VolumeMounts.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - type: "boolean" - volumeID: - description: "volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore" - type: "string" - required: - - "volumeID" - type: "object" - azureDisk: - description: "azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod." - properties: - cachingMode: - description: "cachingMode is the Host Caching mode: None, Read Only, Read Write." - type: "string" - diskName: - description: "diskName is the Name of the data disk in the blob storage" - type: "string" - diskURI: - description: "diskURI is the URI of data disk in the blob storage" - type: "string" - fsType: - description: "fsType is Filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - kind: - description: "kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared" - type: "string" - readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - required: - - "diskName" - - "diskURI" - type: "object" - azureFile: - description: "azureFile represents an Azure File Service mount on the host and bind mount to the pod." - properties: - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretName: - description: "secretName is the name of secret that contains Azure Storage Account Name and Key" - type: "string" - shareName: - description: "shareName is the azure share Name" - type: "string" - required: - - "secretName" - - "shareName" - type: "object" - cephfs: - description: "cephFS represents a Ceph FS mount on the host that shares a pod's lifetime" - properties: - monitors: - description: "monitors is Required: Monitors is a collection of Ceph monitors\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - items: - type: "string" - type: "array" - path: - description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" - type: "string" - readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "boolean" - secretFile: - description: "secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "string" - secretRef: - description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - user: - description: "user is optional: User is the rados user name, default is admin\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" - type: "string" - required: - - "monitors" - type: "object" - cinder: - description: "cinder represents a cinder volume attached and mounted on kubelets host machine.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "boolean" - secretRef: - description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - volumeID: - description: "volumeID used to identify the volume in cinder.\nMore info: https://examples.k8s.io/mysql-cinder-pd/README.md" - type: "string" - required: - - "volumeID" - type: "object" - configMap: - description: "configMap represents a configMap that should populate this volume" - properties: - defaultMode: - description: "defaultMode is optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional specify whether the ConfigMap or its keys must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - csi: - description: "csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature)." - properties: - driver: - description: "driver is the name of the CSI driver that handles this volume.\nConsult with your admin for the correct name as registered in the cluster." - type: "string" - fsType: - description: "fsType to mount. Ex. \"ext4\", \"xfs\", \"ntfs\".\nIf not provided, the empty value is passed to the associated CSI driver\nwhich will determine the default filesystem to apply." - type: "string" - nodePublishSecretRef: - description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - readOnly: - description: "readOnly specifies a read-only configuration for the volume.\nDefaults to false (read/write)." - type: "boolean" - volumeAttributes: - additionalProperties: - type: "string" - description: "volumeAttributes stores driver-specific properties that are passed to the CSI\ndriver. Consult your driver's documentation for supported values." - type: "object" - required: - - "driver" - type: "object" - downwardAPI: - description: "downwardAPI represents downward API about the pod that should populate this volume" - properties: - defaultMode: - description: "Optional: mode bits to use on created files by default. Must be a\nOptional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDefaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "Items is a list of downward API volume file" - items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" - properties: - fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" - type: "string" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "path" - type: "object" - type: "array" - type: "object" - emptyDir: - description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - properties: - medium: - description: "medium represents what type of storage medium should back this directory.\nThe default is \"\" which means to use the node's default medium.\nMust be an empty string (default) or Memory.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - type: "string" - sizeLimit: - anyOf: - - type: "integer" - - type: "string" - description: "sizeLimit is the total amount of local storage required for this EmptyDir volume.\nThe size limit is also applicable for memory medium.\nThe maximum usage on memory medium EmptyDir would be the minimum value between\nthe SizeLimit specified here and the sum of memory limits of all containers in a pod.\nThe default is nil which means that the limit is undefined.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - type: "object" - ephemeral: - description: "ephemeral represents a volume that is handled by a cluster storage driver.\nThe volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts,\nand deleted when the pod is removed.\n\n\nUse this if:\na) the volume is only needed while the pod runs,\nb) features of normal volumes like restoring from snapshot or capacity\n tracking are needed,\nc) the storage driver is specified through a storage class, and\nd) the storage driver supports dynamic volume provisioning through\n a PersistentVolumeClaim (see EphemeralVolumeSource for more\n information on the connection between this volume type\n and PersistentVolumeClaim).\n\n\nUse PersistentVolumeClaim or one of the vendor-specific\nAPIs for volumes that persist for longer than the lifecycle\nof an individual pod.\n\n\nUse CSI for light-weight local ephemeral volumes if the CSI driver is meant to\nbe used that way - see the documentation of the driver for\nmore information.\n\n\nA pod can use both types of ephemeral volumes and\npersistent volumes at the same time." - properties: - volumeClaimTemplate: - description: "Will be used to create a stand-alone PVC to provision the volume.\nThe pod in which this EphemeralVolumeSource is embedded will be the\nowner of the PVC, i.e. the PVC will be deleted together with the\npod. The name of the PVC will be `-` where\n`` is the name from the `PodSpec.Volumes` array\nentry. Pod validation will reject the pod if the concatenated name\nis not valid for a PVC (for example, too long).\n\n\nAn existing PVC with that name that is not owned by the pod\nwill *not* be used for the pod to avoid using an unrelated\nvolume by mistake. Starting the pod is then blocked until\nthe unrelated PVC is removed. If such a pre-created PVC is\nmeant to be used by the pod, the PVC has to updated with an\nowner reference to the pod once the pod exists. Normally\nthis should not be necessary, but it may be useful when\nmanually reconstructing a broken cluster.\n\n\nThis field is read-only and no changes will be made by Kubernetes\nto the PVC after it has been created.\n\n\nRequired, must not be nil." - properties: - metadata: - description: "May contain labels and annotations that will be copied into the PVC\nwhen creating it. No other fields are allowed and will be rejected during\nvalidation." - properties: - annotations: - additionalProperties: - type: "string" - type: "object" - finalizers: - items: - type: "string" - type: "array" - labels: - additionalProperties: - type: "string" - type: "object" - name: - type: "string" - namespace: - type: "string" - type: "object" - spec: - description: "The specification for the PersistentVolumeClaim. The entire content is\ncopied unchanged into the PVC that gets created from this\ntemplate. The same fields as in a PersistentVolumeClaim\nare also valid here." - properties: - accessModes: - description: "accessModes contains the desired access modes the volume should have.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1" - items: - type: "string" - type: "array" - dataSource: - description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." - properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" - type: "string" - name: - description: "Name is the name of resource being referenced" - type: "string" - required: - - "kind" - - "name" - type: "object" - x-kubernetes-map-type: "atomic" - dataSourceRef: - description: "dataSourceRef specifies the object from which to populate the volume with data, if a non-empty\nvolume is desired. This may be any object from a non-empty API group (non\ncore object) or a PersistentVolumeClaim object.\nWhen this field is specified, volume binding will only succeed if the type of\nthe specified object matches some installed volume populator or dynamic\nprovisioner.\nThis field will replace the functionality of the dataSource field and as such\nif both fields are non-empty, they must have the same value. For backwards\ncompatibility, when namespace isn't specified in dataSourceRef,\nboth fields (dataSource and dataSourceRef) will be set to the same\nvalue automatically if one of them is empty and the other is non-empty.\nWhen namespace is specified in dataSourceRef,\ndataSource isn't set to the same value and must be empty.\nThere are three important differences between dataSource and dataSourceRef:\n* While dataSource only allows two specific types of objects, dataSourceRef\n allows any non-core object, as well as PersistentVolumeClaim objects.\n* While dataSource ignores disallowed values (dropping them), dataSourceRef\n preserves all values, and generates an error if a disallowed value is\n specified.\n* While dataSource only allows local objects, dataSourceRef allows objects\n in any namespaces.\n(Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled.\n(Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled." - properties: - apiGroup: - description: "APIGroup is the group for the resource being referenced.\nIf APIGroup is not specified, the specified Kind must be in the core API group.\nFor any other third-party types, APIGroup is required." - type: "string" - kind: - description: "Kind is the type of resource being referenced" - type: "string" - name: - description: "Name is the name of resource being referenced" - type: "string" - namespace: - description: "Namespace is the namespace of resource being referenced\nNote that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details.\n(Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled." - type: "string" - required: - - "kind" - - "name" - type: "object" - resources: - description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" - properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - limits: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Limits describes the maximum amount of compute resources allowed.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - requests: - additionalProperties: - anyOf: - - type: "integer" - - type: "string" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - description: "Requests describes the minimum amount of compute resources required.\nIf Requests is omitted for a container, it defaults to Limits if that is explicitly specified,\notherwise to an implementation-defined value. Requests cannot exceed Limits.\nMore info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/" - type: "object" - type: "object" - selector: - description: "selector is a label query over volumes to consider for binding." - properties: - matchExpressions: - description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." - items: - description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." - properties: - key: - description: "key is the label key that the selector applies to." - type: "string" - operator: - description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." - type: "string" - values: - description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." - items: - type: "string" - type: "array" - required: - - "key" - - "operator" - type: "object" - type: "array" - matchLabels: - additionalProperties: - type: "string" - description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." - type: "object" - type: "object" - x-kubernetes-map-type: "atomic" - storageClassName: - description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" - type: "string" - volumeMode: - description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." - type: "string" - volumeName: - description: "volumeName is the binding reference to the PersistentVolume backing this claim." - type: "string" - type: "object" - required: - - "spec" - type: "object" - type: "object" - fc: - description: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - lun: - description: "lun is Optional: FC target lun number" - format: "int32" - type: "integer" - readOnly: - description: "readOnly is Optional: Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - targetWWNs: - description: "targetWWNs is Optional: FC target worldwide names (WWNs)" - items: - type: "string" - type: "array" - wwids: - description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." - items: - type: "string" - type: "array" - type: "object" - flexVolume: - description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." - properties: - driver: - description: "driver is the name of the driver to use for this volume." - type: "string" - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". The default filesystem depends on FlexVolume script." - type: "string" - options: - additionalProperties: - type: "string" - description: "options is Optional: this field holds extra command options if any." - type: "object" - readOnly: - description: "readOnly is Optional: defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "driver" - type: "object" - flocker: - description: "flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running" - properties: - datasetName: - description: "datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker\nshould be considered as deprecated" - type: "string" - datasetUUID: - description: "datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset" - type: "string" - type: "object" - gcePersistentDisk: - description: "gcePersistentDisk represents a GCE Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - properties: - fsType: - description: "fsType is filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - partition: - description: "partition is the partition in the volume that you want to mount.\nIf omitted, the default is to mount by volume name.\nExamples: For volume /dev/sda1, you specify the partition as \"1\".\nSimilarly, the volume partition for /dev/sda is \"0\" (or you can leave the property empty).\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - format: "int32" - type: "integer" - pdName: - description: "pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - type: "string" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk" - type: "boolean" - required: - - "pdName" - type: "object" - gitRepo: - description: "gitRepo represents a git repository at a particular revision.\nDEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an\nEmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir\ninto the Pod's container." - properties: - directory: - description: "directory is the target directory name.\nMust not contain or start with '..'. If '.' is supplied, the volume directory will be the\ngit repository. Otherwise, if specified, the volume will contain the git repository in\nthe subdirectory with the given name." - type: "string" - repository: - description: "repository is the URL" - type: "string" - revision: - description: "revision is the commit hash for the specified revision." - type: "string" - required: - - "repository" - type: "object" - glusterfs: - description: "glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md" - properties: - endpoints: - description: "endpoints is the endpoint name that details Glusterfs topology.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "string" - path: - description: "path is the Glusterfs volume path.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "string" - readOnly: - description: "readOnly here will force the Glusterfs volume to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod" - type: "boolean" - required: - - "endpoints" - - "path" - type: "object" - hostPath: - description: "hostPath represents a pre-existing file or directory on the host\nmachine that is directly exposed to the container. This is generally\nused for system agents or other privileged things that are allowed\nto see the host machine. Most containers will NOT need this.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath\n---\nTODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not\nmount host directories as read/write." - properties: - path: - description: "path of the directory on the host.\nIf the path is a symlink, it will follow the link to the real path.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" - type: "string" - type: - description: "type for HostPath Volume\nDefaults to \"\"\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath" - type: "string" - required: - - "path" - type: "object" - iscsi: - description: "iscsi represents an ISCSI Disk resource that is attached to a\nkubelet's host machine and then exposed to the pod.\nMore info: https://examples.k8s.io/volumes/iscsi/README.md" - properties: - chapAuthDiscovery: - description: "chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication" - type: "boolean" - chapAuthSession: - description: "chapAuthSession defines whether support iSCSI Session CHAP authentication" - type: "boolean" - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - initiatorName: - description: "initiatorName is the custom iSCSI Initiator Name.\nIf initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface\n: will be created for the connection." - type: "string" - iqn: - description: "iqn is the target iSCSI Qualified Name." - type: "string" - iscsiInterface: - description: "iscsiInterface is the interface Name that uses an iSCSI transport.\nDefaults to 'default' (tcp)." - type: "string" - lun: - description: "lun represents iSCSI Target Lun number." - format: "int32" - type: "integer" - portals: - description: "portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." - items: - type: "string" - type: "array" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." - type: "boolean" - secretRef: - description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - targetPortal: - description: "targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port\nis other than default (typically TCP ports 860 and 3260)." - type: "string" - required: - - "iqn" - - "lun" - - "targetPortal" - type: "object" - name: - description: "name of the volume.\nMust be a DNS_LABEL and unique within the pod.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names" - type: "string" - nfs: - description: "nfs represents an NFS mount on the host that shares a pod's lifetime\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - properties: - path: - description: "path that is exported by the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "string" - readOnly: - description: "readOnly here will force the NFS export to be mounted with read-only permissions.\nDefaults to false.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "boolean" - server: - description: "server is the hostname or IP address of the NFS server.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#nfs" - type: "string" - required: - - "path" - - "server" - type: "object" - persistentVolumeClaim: - description: "persistentVolumeClaimVolumeSource represents a reference to a\nPersistentVolumeClaim in the same namespace.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - properties: - claimName: - description: "claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims" - type: "string" - readOnly: - description: "readOnly Will force the ReadOnly setting in VolumeMounts.\nDefault false." - type: "boolean" - required: - - "claimName" - type: "object" - photonPersistentDisk: - description: "photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine" - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - pdID: - description: "pdID is the ID that identifies Photon Controller persistent disk" - type: "string" - required: - - "pdID" - type: "object" - portworxVolume: - description: "portworxVolume represents a portworx volume attached and mounted on kubelets host machine" - properties: - fsType: - description: "fSType represents the filesystem type to mount\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - volumeID: - description: "volumeID uniquely identifies a Portworx volume" - type: "string" - required: - - "volumeID" - type: "object" - projected: - description: "projected items for all in one resources secrets, configmaps, and downward API" - properties: - defaultMode: - description: "defaultMode are the mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - sources: - description: "sources is the list of volume projections" - items: - description: "Projection that may be projected along with other supported volume types" - properties: - configMap: - description: "configMap information about the configMap data to project" - properties: - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nConfigMap will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the ConfigMap,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional specify whether the ConfigMap or its keys must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - downwardAPI: - description: "downwardAPI information about the downwardAPI data to project" - properties: - items: - description: "Items is a list of DownwardAPIVolume file" - items: - description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" - properties: - fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - mode: - description: "Optional: mode bits used to set permissions on this file, must be an octal value\nbetween 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..'" - type: "string" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - required: - - "path" - type: "object" - type: "array" - type: "object" - secret: - description: "secret information about the secret data to project" - properties: - items: - description: "items if unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "optional field specify whether the Secret or its key must be defined" - type: "boolean" - type: "object" - x-kubernetes-map-type: "atomic" - serviceAccountToken: - description: "serviceAccountToken is information about the serviceAccountToken data to project" - properties: - audience: - description: "audience is the intended audience of the token. A recipient of a token\nmust identify itself with an identifier specified in the audience of the\ntoken, and otherwise should reject the token. The audience defaults to the\nidentifier of the apiserver." - type: "string" - expirationSeconds: - description: "expirationSeconds is the requested duration of validity of the service\naccount token. As the token approaches expiration, the kubelet volume\nplugin will proactively rotate the service account token. The kubelet will\nstart trying to rotate the token if the token is older than 80 percent of\nits time to live or if the token is older than 24 hours.Defaults to 1 hour\nand must be at least 10 minutes." - format: "int64" - type: "integer" - path: - description: "path is the path relative to the mount point of the file to project the\ntoken into." - type: "string" - required: - - "path" - type: "object" - type: "object" - type: "array" - type: "object" - quobyte: - description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" - properties: - group: - description: "group to map volume access to\nDefault is no group" - type: "string" - readOnly: - description: "readOnly here will force the Quobyte volume to be mounted with read-only permissions.\nDefaults to false." - type: "boolean" - registry: - description: "registry represents a single or multiple Quobyte Registry services\nspecified as a string as host:port pair (multiple entries are separated with commas)\nwhich acts as the central registry for volumes" - type: "string" - tenant: - description: "tenant owning the given Quobyte volume in the Backend\nUsed with dynamically provisioned Quobyte volumes, value is set by the plugin" - type: "string" - user: - description: "user to map volume access to\nDefaults to serivceaccount user" - type: "string" - volume: - description: "volume is a string that references an already created Quobyte volume by name." - type: "string" - required: - - "registry" - - "volume" - type: "object" - rbd: - description: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime.\nMore info: https://examples.k8s.io/volumes/rbd/README.md" - properties: - fsType: - description: "fsType is the filesystem type of the volume that you want to mount.\nTip: Ensure that the filesystem type is supported by the host operating system.\nExamples: \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#rbd\nTODO: how do we prevent errors in the filesystem from compromising the machine" - type: "string" - image: - description: "image is the rados image name.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - keyring: - description: "keyring is the path to key ring for RBDUser.\nDefault is /etc/ceph/keyring.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - monitors: - description: "monitors is a collection of Ceph monitors.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - items: - type: "string" - type: "array" - pool: - description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - readOnly: - description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "boolean" - secretRef: - description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - user: - description: "user is the rados user name.\nDefault is admin.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" - type: "string" - required: - - "image" - - "monitors" - type: "object" - scaleIO: - description: "scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\".\nDefault is \"xfs\"." - type: "string" - gateway: - description: "gateway is the host address of the ScaleIO API Gateway." - type: "string" - protectionDomain: - description: "protectionDomain is the name of the ScaleIO Protection Domain for the configured storage." - type: "string" - readOnly: - description: "readOnly Defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - sslEnabled: - description: "sslEnabled Flag enable/disable SSL communication with Gateway, default false" - type: "boolean" - storageMode: - description: "storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned.\nDefault is ThinProvisioned." - type: "string" - storagePool: - description: "storagePool is the ScaleIO Storage Pool associated with the protection domain." - type: "string" - system: - description: "system is the name of the storage system as configured in ScaleIO." - type: "string" - volumeName: - description: "volumeName is the name of a volume already created in the ScaleIO system\nthat is associated with this volume source." - type: "string" - required: - - "gateway" - - "secretRef" - - "system" - type: "object" - secret: - description: "secret represents a secret that should populate this volume.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" - properties: - defaultMode: - description: "defaultMode is Optional: mode bits used to set permissions on created files by default.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values\nfor mode bits. Defaults to 0644.\nDirectories within the path are not affected by this setting.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - items: - description: "items If unspecified, each key-value pair in the Data field of the referenced\nSecret will be projected into the volume as a file whose name is the\nkey and content is the value. If specified, the listed keys will be\nprojected into the specified paths, and unlisted keys will not be\npresent. If a key is specified which is not present in the Secret,\nthe volume setup will error unless it is marked optional. Paths must be\nrelative and may not contain the '..' path or start with '..'." - items: - description: "Maps a string key to a path within a volume." - properties: - key: - description: "key is the key to project." - type: "string" - mode: - description: "mode is Optional: mode bits used to set permissions on this file.\nMust be an octal value between 0000 and 0777 or a decimal value between 0 and 511.\nYAML accepts both octal and decimal values, JSON requires decimal values for mode bits.\nIf not specified, the volume defaultMode will be used.\nThis might be in conflict with other options that affect the file\nmode, like fsGroup, and the result can be other mode bits set." - format: "int32" - type: "integer" - path: - description: "path is the relative path of the file to map the key to.\nMay not be an absolute path.\nMay not contain the path element '..'.\nMay not start with the string '..'." - type: "string" - required: - - "key" - - "path" - type: "object" - type: "array" - optional: - description: "optional field specify whether the Secret or its keys must be defined" - type: "boolean" - secretName: - description: "secretName is the name of the secret in the pod's namespace to use.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#secret" - type: "string" - type: "object" - storageos: - description: "storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes." - properties: - fsType: - description: "fsType is the filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - readOnly: - description: "readOnly defaults to false (read/write). ReadOnly here will force\nthe ReadOnly setting in VolumeMounts." - type: "boolean" - secretRef: - description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." - properties: - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - type: "object" - x-kubernetes-map-type: "atomic" - volumeName: - description: "volumeName is the human-readable name of the StorageOS volume. Volume\nnames are only unique within a namespace." - type: "string" - volumeNamespace: - description: "volumeNamespace specifies the scope of the volume within StorageOS. If no\nnamespace is specified then the Pod's namespace will be used. This allows the\nKubernetes name scoping to be mirrored within StorageOS for tighter integration.\nSet VolumeName to any name to override the default behaviour.\nSet to \"default\" if you are not using namespaces within StorageOS.\nNamespaces that do not pre-exist within StorageOS will be created." - type: "string" - type: "object" - vsphereVolume: - description: "vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine" - properties: - fsType: - description: "fsType is filesystem type to mount.\nMust be a filesystem type supported by the host operating system.\nEx. \"ext4\", \"xfs\", \"ntfs\". Implicitly inferred to be \"ext4\" if unspecified." - type: "string" - storagePolicyID: - description: "storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName." - type: "string" - storagePolicyName: - description: "storagePolicyName is the storage Policy Based Management (SPBM) profile name." - type: "string" - volumePath: - description: "volumePath is the path that identifies vSphere volume vmdk" - type: "string" - required: - - "volumePath" - type: "object" - required: - - "name" - type: "object" - type: "array" - required: - - "containers" - type: "object" - x-kubernetes-preserve-unknown-fields: true - postStartSpec: - description: "Defines the command to be executed when the component is ready, and the command will only be executed once after\nthe component becomes ready." - properties: - cmdExecutorConfig: - description: "Specifies the post-start command to be executed." - properties: - args: - description: "Additional parameters used in the execution of the command." - items: - type: "string" - type: "array" - command: - description: "The command to be executed." - items: - type: "string" - minItems: 1 - type: "array" - env: - description: "A list of environment variables that will be injected into the command execution context." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-preserve-unknown-fields: true - image: - description: "Specifies the image used to execute the command." - type: "string" - required: - - "command" - - "image" - type: "object" - scriptSpecSelectors: - description: "Used to select the script that need to be referenced.\nWhen defined, the scripts defined in scriptSpecs can be referenced within the CmdExecutorConfig." - items: - properties: - name: - description: "Represents the name of the ScriptSpec referent." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - required: - - "name" - type: "object" - type: "array" - required: - - "cmdExecutorConfig" - type: "object" - probes: - description: "Settings for health checks." - properties: - roleProbe: - description: "Specifies the probe used for checking the role of the component." - properties: - commands: - description: "Commands used to execute for probe." - properties: - queries: - description: "Defines read checks that are executed on the probe sidecar." - items: - type: "string" - type: "array" - writes: - description: "Defines write checks that are executed on the probe sidecar." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - default: 3 - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded." - format: "int32" - minimum: 2.0 - type: "integer" - periodSeconds: - default: 1 - description: "How often (in seconds) to perform the probe." - format: "int32" - minimum: 1.0 - type: "integer" - timeoutSeconds: - default: 1 - description: "Number of seconds after which the probe times out. Defaults to 1 second." - format: "int32" - minimum: 1.0 - type: "integer" - type: "object" - roleProbeTimeoutAfterPodsReady: - description: "Defines the timeout (in seconds) for the role probe after all pods of the component are ready.\nThe system will check if the application is available in the pod.\nIf pods exceed the InitializationTimeoutSeconds time without a role label, this component will enter the\nFailed/Abnormal phase.\n\n\nNote that this configuration will only take effect if the component supports RoleProbe\nand will not affect the life cycle of the pod. default values are 60 seconds." - format: "int32" - minimum: 30.0 - type: "integer" - runningProbe: - description: "Specifies the probe used for checking the running status of the component." - properties: - commands: - description: "Commands used to execute for probe." - properties: - queries: - description: "Defines read checks that are executed on the probe sidecar." - items: - type: "string" - type: "array" - writes: - description: "Defines write checks that are executed on the probe sidecar." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - default: 3 - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded." - format: "int32" - minimum: 2.0 - type: "integer" - periodSeconds: - default: 1 - description: "How often (in seconds) to perform the probe." - format: "int32" - minimum: 1.0 - type: "integer" - timeoutSeconds: - default: 1 - description: "Number of seconds after which the probe times out. Defaults to 1 second." - format: "int32" - minimum: 1.0 - type: "integer" - type: "object" - statusProbe: - description: "Specifies the probe used for checking the status of the component." - properties: - commands: - description: "Commands used to execute for probe." - properties: - queries: - description: "Defines read checks that are executed on the probe sidecar." - items: - type: "string" - type: "array" - writes: - description: "Defines write checks that are executed on the probe sidecar." - items: - type: "string" - type: "array" - type: "object" - failureThreshold: - default: 3 - description: "Minimum consecutive failures for the probe to be considered failed after having succeeded." - format: "int32" - minimum: 2.0 - type: "integer" - periodSeconds: - default: 1 - description: "How often (in seconds) to perform the probe." - format: "int32" - minimum: 1.0 - type: "integer" - timeoutSeconds: - default: 1 - description: "Number of seconds after which the probe times out. Defaults to 1 second." - format: "int32" - minimum: 1.0 - type: "integer" - type: "object" - type: "object" - replicationSpec: - description: "Defines spec for `Replication` workloads." - properties: - llPodManagementPolicy: - description: "Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down.\n\n\n- `OrderedReady`: Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod\nis ready before continuing. Pods are removed in reverse order when scaling down.\n- `Parallel`: Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once\nwhen scaling down." - type: "string" - llUpdateStrategy: - description: "Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a\nrevision to the Template.\n`UpdateStrategy` will be ignored if this is provided." - properties: - rollingUpdate: - description: "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType." - properties: - maxUnavailable: - anyOf: - - type: "integer" - - type: "string" - description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable." - x-kubernetes-int-or-string: true - partition: - description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0." - format: "int32" - type: "integer" - type: "object" - type: - description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate." - type: "string" - type: "object" - updateStrategy: - default: "Serial" - description: "Specifies the strategy for updating Pods.\nFor workloadType=`Consensus`, the update strategy can be one of the following:\n\n\n- `Serial`: Updates Members sequentially to minimize component downtime.\n- `BestEffortParallel`: Updates Members in parallel to minimize component write downtime. Majority remains online\nat all times.\n- `Parallel`: Forces parallel updates." - enum: - - "Serial" - - "BestEffortParallel" - - "Parallel" - type: "string" - type: "object" - rsmSpec: - description: "Defines workload spec of this component.\nFrom KB 0.7.0, RSM(InstanceSetSpec) will be the underlying CR which powers all kinds of workload in KB.\nRSM is an enhanced stateful workload extension dedicated for heavy-state workloads like databases." - properties: - memberUpdateStrategy: - description: "Describes the strategy for updating Members (Pods).\n\n\n- `Serial`: Updates Members sequentially to ensure minimum component downtime.\n- `BestEffortParallel`: Updates Members in parallel to ensure minimum component write downtime.\n- `Parallel`: Forces parallel updates." - enum: - - "Serial" - - "BestEffortParallel" - - "Parallel" - type: "string" - membershipReconfiguration: - description: "Indicates the actions required for dynamic membership reconfiguration." - properties: - logSyncAction: - description: "Defines the action to trigger the new member to start log syncing.\nIf the Image is not configured, the Image from the previous non-nil action will be used." - properties: - args: - description: "Additional parameters used to perform specific statements. This field is optional." - items: - type: "string" - type: "array" - command: - description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required." - items: - type: "string" - type: "array" - image: - description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information." - type: "string" - required: - - "command" - type: "object" - memberJoinAction: - description: "Defines the action to add a member.\nIf the Image is not configured, the Image from the previous non-nil action will be used." - properties: - args: - description: "Additional parameters used to perform specific statements. This field is optional." - items: - type: "string" - type: "array" - command: - description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required." - items: - type: "string" - type: "array" - image: - description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information." - type: "string" - required: - - "command" - type: "object" - memberLeaveAction: - description: "Defines the action to remove a member.\nIf the Image is not configured, the Image from the previous non-nil action will be used." - properties: - args: - description: "Additional parameters used to perform specific statements. This field is optional." - items: - type: "string" - type: "array" - command: - description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required." - items: - type: "string" - type: "array" - image: - description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information." - type: "string" - required: - - "command" - type: "object" - promoteAction: - description: "Defines the action to inform the cluster that the new member can join voting now.\nIf the Image is not configured, the Image from the previous non-nil action will be used." - properties: - args: - description: "Additional parameters used to perform specific statements. This field is optional." - items: - type: "string" - type: "array" - command: - description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required." - items: - type: "string" - type: "array" - image: - description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information." - type: "string" - required: - - "command" - type: "object" - switchoverAction: - description: "Specifies the environment variables that can be used in all following Actions:\n- KB_ITS_USERNAME: Represents the username part of the credential\n- KB_ITS_PASSWORD: Represents the password part of the credential\n- KB_ITS_LEADER_HOST: Represents the leader host\n- KB_ITS_TARGET_HOST: Represents the target host\n- KB_ITS_SERVICE_PORT: Represents the service port\n\n\nDefines the action to perform a switchover.\nIf the Image is not configured, the latest [BusyBox](https://busybox.net/) image will be used." - properties: - args: - description: "Additional parameters used to perform specific statements. This field is optional." - items: - type: "string" - type: "array" - command: - description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required." - items: - type: "string" - type: "array" - image: - description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information." - type: "string" - required: - - "command" - type: "object" - type: "object" - roleProbe: - description: "Defines the method used to probe a role." - properties: - builtinHandlerName: - description: "Specifies the builtin handler name to use to probe the role of the main container.\nAvailable handlers include: mysql, postgres, mongodb, redis, etcd, kafka.\nUse CustomHandler to define a custom role probe function if none of the built-in handlers meet the requirement." - type: "string" - customHandler: - description: "Defines a custom method for role probing.\nIf the BuiltinHandler meets the requirement, use it instead.\nActions defined here are executed in series.\nUpon completion of all actions, the final output should be a single string representing the role name defined in spec.Roles.\nThe latest [BusyBox](https://busybox.net/) image will be used if Image is not configured.\nEnvironment variables can be used in Command:\n- v_KB_ITS_LAST_STDOUT: stdout from the last action, watch for 'v_' prefix\n- KB_ITS_USERNAME: username part of the credential\n- KB_ITS_PASSWORD: password part of the credential" - items: - properties: - args: - description: "Additional parameters used to perform specific statements. This field is optional." - items: - type: "string" - type: "array" - command: - description: "A set of instructions that will be executed within the Container to retrieve or process role information. This field is required." - items: - type: "string" - type: "array" - image: - description: "Refers to the utility image that contains the command which can be utilized to retrieve or process role information." - type: "string" - required: - - "command" - type: "object" - type: "array" - failureThreshold: - default: 3 - description: "Specifies the minimum number of consecutive failures for the probe to be considered failed after having succeeded." - format: "int32" - minimum: 1.0 - type: "integer" - initialDelaySeconds: - default: 0 - description: "Specifies the number of seconds to wait after the container has started before initiating role probing." - format: "int32" - minimum: 0.0 - type: "integer" - periodSeconds: - default: 2 - description: "Specifies the frequency (in seconds) of probe execution." - format: "int32" - minimum: 1.0 - type: "integer" - roleUpdateMechanism: - default: "ReadinessProbeEventUpdate" - description: "Specifies the method for updating the pod role label." - enum: - - "ReadinessProbeEventUpdate" - - "DirectAPIServerEventUpdate" - type: "string" - successThreshold: - default: 1 - description: "Specifies the minimum number of consecutive successes for the probe to be considered successful after having failed." - format: "int32" - minimum: 1.0 - type: "integer" - timeoutSeconds: - default: 1 - description: "Specifies the number of seconds after which the probe times out." - format: "int32" - minimum: 1.0 - type: "integer" - type: "object" - roles: - description: "Specifies a list of roles defined within the system." - items: - properties: - accessMode: - default: "ReadWrite" - description: "Specifies the service capabilities of this member." - enum: - - "None" - - "Readonly" - - "ReadWrite" - type: "string" - canVote: - default: true - description: "Indicates if this member has voting rights." - type: "boolean" - isLeader: - default: false - description: "Determines if this member is the leader." - type: "boolean" - name: - default: "leader" - description: "Defines the role name of the replica." - type: "string" - required: - - "accessMode" - - "name" - type: "object" - type: "array" - type: "object" - scriptSpecs: - description: "Defines the template of scripts." - items: - properties: - defaultMode: - description: "The operator attempts to set default file permissions for scripts (0555) and configurations (0444).\nHowever, certain database engines may require different file permissions.\nYou can specify the desired file permissions here.\n\n\nMust be specified as an octal value between 0000 and 0777 (inclusive),\nor as a decimal value between 0 and 511 (inclusive).\nYAML supports both octal and decimal values for file permissions.\n\n\nPlease note that this setting only affects the permissions of the files themselves.\nDirectories within the specified path are not impacted by this setting.\nIt's important to be aware that this setting might conflict with other options\nthat influence the file mode, such as fsGroup.\nIn such cases, the resulting file mode may have additional bits set.\nRefers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information." - format: "int32" - type: "integer" - name: - description: "Specifies the name of the configuration template." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - namespace: - default: "default" - description: "Specifies the namespace of the referenced configuration template ConfigMap object.\nAn empty namespace is equivalent to the \"default\" namespace." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\-]*[a-z0-9])?$" - type: "string" - templateRef: - description: "Specifies the name of the referenced configuration template ConfigMap object." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - volumeName: - description: "Refers to the volume name of PodTemplate. The configuration file produced through the configuration\ntemplate will be mounted to the corresponding volume. Must be a DNS_LABEL name.\nThe volume name must be defined in podSpec.containers[*].volumeMounts." - maxLength: 63 - pattern: "^[a-z]([a-z0-9\\-]*[a-z0-9])?$" - type: "string" - required: - - "name" - - "volumeName" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - service: - description: "Defines the service spec." - properties: - ports: - description: "The list of ports that are exposed by this service.\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies" - items: - description: "ServicePort is deprecated since v0.8." - properties: - appProtocol: - description: "The application protocol for this port.\nThis field follows standard Kubernetes label syntax.\nUn-prefixed names are reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\nNon-standard protocols should use prefixed names such as\nmycompany.com/my-custom-protocol." - type: "string" - name: - description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort." - type: "string" - port: - description: "The port that will be exposed by this service." - format: "int32" - type: "integer" - protocol: - default: "TCP" - description: "The IP protocol for this port. Supports \"TCP\", \"UDP\", and \"SCTP\".\nDefault is TCP." - enum: - - "TCP" - - "UDP" - - "SCTP" - type: "string" - targetPort: - anyOf: - - type: "integer" - - type: "string" - description: "Number or name of the port to access on the pods targeted by the service.\n\n\nNumber must be in the range 1 to 65535. Name must be an IANA_SVC_NAME.\n\n\n- If this is a string, it will be looked up as a named port in the target Pod's container ports.\n- If this is not specified, the value of the `port` field is used (an identity map).\n\n\nThis field is ignored for services with clusterIP=None, and should be\nomitted or set equal to the `port` field.\n\n\nMore info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service" - x-kubernetes-int-or-string: true - required: - - "port" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "port" - - "protocol" - x-kubernetes-list-type: "map" - type: "object" - serviceRefDeclarations: - description: "Used to declare the service reference of the current component." - items: - description: "ServiceRefDeclaration represents a reference to a service that can be either provided by a KubeBlocks Cluster\nor an external service.\nIt acts as a placeholder for the actual service reference, which is determined later when a Cluster is created.\n\n\nThe purpose of ServiceRefDeclaration is to declare a service dependency without specifying the concrete details\nof the service.\nIt allows for flexibility and abstraction in defining service references within a Component.\nBy using ServiceRefDeclaration, you can define service dependencies in a declarative manner, enabling loose coupling\nand easier management of service references across different components and clusters.\n\n\nUpon Cluster creation, the ServiceRefDeclaration is bound to an actual service through the ServiceRef field,\neffectively resolving and connecting to the specified service." - properties: - name: - description: "Specifies the name of the ServiceRefDeclaration." - type: "string" - optional: - description: "Specifies whether the service reference can be optional.\n\n\nFor an optional service-ref, the component can still be created even if the service-ref is not provided." - type: "boolean" - serviceRefDeclarationSpecs: - description: "Defines a list of constraints and requirements for services that can be bound to this ServiceRefDeclaration\nupon Cluster creation.\nEach ServiceRefDeclarationSpec defines a ServiceKind and ServiceVersion,\noutlining the acceptable service types and versions that are compatible.\n\n\nThis flexibility allows a ServiceRefDeclaration to be fulfilled by any one of the provided specs.\nFor example, if it requires an OLTP database, specs for both MySQL and PostgreSQL are listed,\neither MySQL or PostgreSQL services can be used when binding." - items: - properties: - serviceKind: - description: "Specifies the type or nature of the service. This should be a well-known application cluster type, such as\n{mysql, redis, mongodb}.\nThe field is case-insensitive and supports abbreviations for some well-known databases.\nFor instance, both `zk` and `zookeeper` are considered as a ZooKeeper cluster, while `pg`, `postgres`, `postgresql`\nare all recognized as a PostgreSQL cluster." - type: "string" - serviceVersion: - description: "Defines the service version of the service reference. This is a regular expression that matches a version number pattern.\nFor instance, `^8.0.8$`, `8.0.\\d{1,2}$`, `^[v\\-]*?(\\d{1,2}\\.){0,3}\\d{1,2}$` are all valid patterns." - type: "string" - required: - - "serviceKind" - - "serviceVersion" - type: "object" - type: "array" - required: - - "name" - - "serviceRefDeclarationSpecs" - type: "object" - type: "array" - statefulSpec: - description: "Defines spec for `Stateful` workloads." - properties: - llPodManagementPolicy: - description: "Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down.\n\n\n- `OrderedReady`: Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod\nis ready before continuing. Pods are removed in reverse order when scaling down.\n- `Parallel`: Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once\nwhen scaling down." - type: "string" - llUpdateStrategy: - description: "Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a\nrevision to the Template.\n`UpdateStrategy` will be ignored if this is provided." - properties: - rollingUpdate: - description: "RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType." - properties: - maxUnavailable: - anyOf: - - type: "integer" - - type: "string" - description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding up. This can not be 0.\nDefaults to 1. This field is alpha-level and is only honored by servers that enable the\nMaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to\nReplicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it\nwill be counted towards MaxUnavailable." - x-kubernetes-int-or-string: true - partition: - description: "Partition indicates the ordinal at which the StatefulSet should be partitioned\nfor updates. During a rolling update, all pods from ordinal Replicas-1 to\nPartition are updated. All pods from ordinal Partition-1 to 0 remain untouched.\nThis is helpful in being able to do a canary based deployment. The default value is 0." - format: "int32" - type: "integer" - type: "object" - type: - description: "Type indicates the type of the StatefulSetUpdateStrategy.\nDefault is RollingUpdate." - type: "string" - type: "object" - updateStrategy: - default: "Serial" - description: "Specifies the strategy for updating Pods.\nFor workloadType=`Consensus`, the update strategy can be one of the following:\n\n\n- `Serial`: Updates Members sequentially to minimize component downtime.\n- `BestEffortParallel`: Updates Members in parallel to minimize component write downtime. Majority remains online\nat all times.\n- `Parallel`: Forces parallel updates." - enum: - - "Serial" - - "BestEffortParallel" - - "Parallel" - type: "string" - type: "object" - statelessSpec: - description: "Defines spec for `Stateless` workloads." - properties: - updateStrategy: - description: "Specifies the deployment strategy that will be used to replace existing pods with new ones." - properties: - rollingUpdate: - description: "Rolling update config params. Present only if DeploymentStrategyType =\nRollingUpdate.\n---\nTODO: Update this to follow our convention for oneOf, whatever we decide it\nto be." - properties: - maxSurge: - anyOf: - - type: "integer" - - type: "string" - description: "The maximum number of pods that can be scheduled above the desired number of\npods.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nThis can not be 0 if MaxUnavailable is 0.\nAbsolute number is calculated from percentage by rounding up.\nDefaults to 25%.\nExample: when this is set to 30%, the new ReplicaSet can be scaled up immediately when\nthe rolling update starts, such that the total number of old and new pods do not exceed\n130% of desired pods. Once old pods have been killed,\nnew ReplicaSet can be scaled up further, ensuring that total number of pods running\nat any time during the update is at most 130% of desired pods." - x-kubernetes-int-or-string: true - maxUnavailable: - anyOf: - - type: "integer" - - type: "string" - description: "The maximum number of pods that can be unavailable during the update.\nValue can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%).\nAbsolute number is calculated from percentage by rounding down.\nThis can not be 0 if MaxSurge is 0.\nDefaults to 25%.\nExample: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods\nimmediately when the rolling update starts. Once new pods are ready, old ReplicaSet\ncan be scaled down further, followed by scaling up the new ReplicaSet, ensuring\nthat the total number of pods available at all times during the update is at\nleast 70% of desired pods." - x-kubernetes-int-or-string: true - type: "object" - type: - description: "Type of deployment. Can be \"Recreate\" or \"RollingUpdate\". Default is RollingUpdate." - type: "string" - type: "object" - type: "object" - switchoverSpec: - description: "Defines command to do switchover.\nIn particular, when workloadType=Replication, the command defined in switchoverSpec will only be executed under\nthe condition of cluster.componentSpecs[x].SwitchPolicy.type=Noop." - properties: - withCandidate: - description: "Represents the action of switching over to a specified candidate primary or leader instance." - properties: - cmdExecutorConfig: - description: "Specifies the switchover command." - properties: - args: - description: "Additional parameters used in the execution of the command." - items: - type: "string" - type: "array" - command: - description: "The command to be executed." - items: - type: "string" - minItems: 1 - type: "array" - env: - description: "A list of environment variables that will be injected into the command execution context." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-preserve-unknown-fields: true - image: - description: "Specifies the image used to execute the command." - type: "string" - required: - - "command" - - "image" - type: "object" - scriptSpecSelectors: - description: "Used to select the script that need to be referenced.\nWhen defined, the scripts defined in scriptSpecs can be referenced within the SwitchoverAction.CmdExecutorConfig." - items: - properties: - name: - description: "Represents the name of the ScriptSpec referent." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - required: - - "name" - type: "object" - type: "array" - required: - - "cmdExecutorConfig" - type: "object" - withoutCandidate: - description: "Represents the action of switching over without specifying a candidate primary or leader instance." - properties: - cmdExecutorConfig: - description: "Specifies the switchover command." - properties: - args: - description: "Additional parameters used in the execution of the command." - items: - type: "string" - type: "array" - command: - description: "The command to be executed." - items: - type: "string" - minItems: 1 - type: "array" - env: - description: "A list of environment variables that will be injected into the command execution context." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-preserve-unknown-fields: true - image: - description: "Specifies the image used to execute the command." - type: "string" - required: - - "command" - - "image" - type: "object" - scriptSpecSelectors: - description: "Used to select the script that need to be referenced.\nWhen defined, the scripts defined in scriptSpecs can be referenced within the SwitchoverAction.CmdExecutorConfig." - items: - properties: - name: - description: "Represents the name of the ScriptSpec referent." - maxLength: 63 - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - required: - - "name" - type: "object" - type: "array" - required: - - "cmdExecutorConfig" - type: "object" - type: "object" - systemAccounts: - description: "Defines system accounts needed to manage the component, and the statement to create them." - properties: - accounts: - description: "Defines the configuration settings for system accounts." - items: - description: "SystemAccountConfig specifies how to create and delete system accounts.\n\n\nDeprecated since v0.9." - properties: - name: - description: "The unique identifier of a system account." - enum: - - "kbadmin" - - "kbdataprotection" - - "kbprobe" - - "kbmonitoring" - - "kbreplicator" - type: "string" - provisionPolicy: - description: "Outlines the strategy for creating the account." - properties: - scope: - default: "AnyPods" - description: "Defines the scope within which the account is provisioned." - type: "string" - secretRef: - description: "The external secret to refer." - properties: - name: - description: "The unique identifier of the secret." - type: "string" - namespace: - description: "The namespace where the secret is located." - type: "string" - required: - - "name" - - "namespace" - type: "object" - statements: - description: "The statement to provision an account." - properties: - creation: - description: "Specifies the statement required to create a new account with the necessary privileges." - type: "string" - deletion: - description: "Defines the statement required to delete an existing account.\nTypically used in conjunction with the creation statement to delete an account before recreating it.\nFor example, one might use a `drop user if exists` statement followed by a `create user` statement to ensure a fresh account.\n\n\nDeprecated: This field is deprecated and the update statement should be used instead." - type: "string" - update: - description: "Defines the statement required to update the password of an existing account." - type: "string" - required: - - "creation" - type: "object" - type: - description: "Specifies the method to provision an account." - enum: - - "CreateByStmt" - - "ReferToExisting" - type: "string" - required: - - "scope" - - "type" - type: "object" - required: - - "name" - - "provisionPolicy" - type: "object" - minItems: 1 - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - cmdExecutorConfig: - description: "Configures how to obtain the client SDK and execute statements." - properties: - args: - description: "Additional parameters used in the execution of the command." - items: - type: "string" - type: "array" - command: - description: "The command to be executed." - items: - type: "string" - minItems: 1 - type: "array" - env: - description: "A list of environment variables that will be injected into the command execution context." - items: - description: "EnvVar represents an environment variable present in a Container." - properties: - name: - description: "Name of the environment variable. Must be a C_IDENTIFIER." - type: "string" - value: - description: "Variable references $(VAR_NAME) are expanded\nusing the previously defined environment variables in the container and\nany service environment variables. If a variable cannot be resolved,\nthe reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e.\n\"$$(VAR_NAME)\" will produce the string literal \"$(VAR_NAME)\".\nEscaped references will never be expanded, regardless of whether the variable\nexists or not.\nDefaults to \"\"." - type: "string" - valueFrom: - description: "Source for the environment variable's value. Cannot be used if value is not empty." - properties: - configMapKeyRef: - description: "Selects a key of a ConfigMap." - properties: - key: - description: "The key to select." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the ConfigMap or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - fieldRef: - description: "Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`,\nspec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs." - properties: - apiVersion: - description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." - type: "string" - fieldPath: - description: "Path of the field to select in the specified API version." - type: "string" - required: - - "fieldPath" - type: "object" - x-kubernetes-map-type: "atomic" - resourceFieldRef: - description: "Selects a resource of the container: only resources limits and requests\n(limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported." - properties: - containerName: - description: "Container name: required for volumes, optional for env vars" - type: "string" - divisor: - anyOf: - - type: "integer" - - type: "string" - description: "Specifies the output format of the exposed resources, defaults to \"1\"" - pattern: "^(\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\\+|-)?(([0-9]+(\\.[0-9]*)?)|(\\.[0-9]+))))?$" - x-kubernetes-int-or-string: true - resource: - description: "Required: resource to select" - type: "string" - required: - - "resource" - type: "object" - x-kubernetes-map-type: "atomic" - secretKeyRef: - description: "Selects a key of a secret in the pod's namespace" - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" - type: "string" - optional: - description: "Specify whether the Secret or its key must be defined" - type: "boolean" - required: - - "key" - type: "object" - x-kubernetes-map-type: "atomic" - type: "object" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-preserve-unknown-fields: true - image: - description: "Specifies the image used to execute the command." - type: "string" - required: - - "command" - - "image" - type: "object" - passwordConfig: - description: "Defines the pattern used to generate passwords for system accounts." - properties: - length: - default: 16 - description: "The length of the password." - format: "int32" - maximum: 32.0 - minimum: 8.0 - type: "integer" - letterCase: - default: "MixedCases" - description: "The case of the letters in the password." - enum: - - "LowerCases" - - "UpperCases" - - "MixedCases" - type: "string" - numDigits: - default: 4 - description: "The number of digits in the password." - format: "int32" - maximum: 8.0 - minimum: 0.0 - type: "integer" - numSymbols: - default: 0 - description: "The number of symbols in the password." - format: "int32" - maximum: 8.0 - minimum: 0.0 - type: "integer" - seed: - description: "Seed to generate the account's password.\nCannot be updated." - type: "string" - type: "object" - required: - - "accounts" - - "cmdExecutorConfig" - - "passwordConfig" - type: "object" - volumeProtectionSpec: - description: "Defines settings to do volume protect." - properties: - highWatermark: - default: 90 - description: "The high watermark threshold for volume space usage.\nIf there is any specified volumes who's space usage is over the threshold, the pre-defined \"LOCK\" action\nwill be triggered to degrade the service to protect volume from space exhaustion, such as to set the instance\nas read-only. And after that, if all volumes' space usage drops under the threshold later, the pre-defined\n\"UNLOCK\" action will be performed to recover the service normally." - maximum: 100.0 - minimum: 0.0 - type: "integer" - volumes: - description: "The Volumes to be protected." - items: - description: "ProtectedVolume is deprecated since v0.9, replaced with ComponentVolume.HighWatermark." - properties: - highWatermark: - description: "Defines the high watermark threshold for the volume, it will override the component level threshold.\nIf the value is invalid, it will be ignored and the component level threshold will be used." - maximum: 100.0 - minimum: 0.0 - type: "integer" - name: - description: "The Name of the volume to protect." - type: "string" - type: "object" - type: "array" - type: "object" - volumeTypes: - description: "Used to describe the purpose of the volumes mapping the name of the VolumeMounts in the PodSpec.Container field,\nsuch as data volume, log volume, etc. When backing up the volume, the volume can be correctly backed up according\nto the volumeType.\n\n\nFor example:\n\n\n- `name: data, type: data` means that the volume named `data` is used to store `data`.\n- `name: binlog, type: log` means that the volume named `binlog` is used to store `log`.\n\n\nNOTE: When volumeTypes is not defined, the backup function will not be supported, even if a persistent volume has\nbeen specified." - items: - description: "VolumeTypeSpec is deprecated since v0.9, replaced with ComponentVolume." - properties: - name: - description: "Corresponds to the name of the VolumeMounts field in PodSpec.Container." - pattern: "^[a-z0-9]([a-z0-9\\.\\-]*[a-z0-9])?$" - type: "string" - type: - description: "Type of data the volume will persistent." - enum: - - "data" - - "log" - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - workloadType: - description: "Defines the type of the workload.\n\n\n- `Stateless` describes stateless applications.\n- `Stateful` describes common stateful applications.\n- `Consensus` describes applications based on consensus protocols, such as raft and paxos.\n- `Replication` describes applications based on the primary-secondary data replication protocol." - enum: - - "Stateless" - - "Stateful" - - "Consensus" - - "Replication" - type: "string" - required: - - "name" - - "workloadType" - type: "object" - x-kubernetes-validations: - - message: "componentDefs.consensusSpec(deprecated) or componentDefs.rsmSpec(recommended) is required when componentDefs.workloadType is Consensus, and forbidden otherwise" - rule: "has(self.workloadType) && self.workloadType == 'Consensus' ? (has(self.consensusSpec) || has(self.rsmSpec)) : !has(self.consensusSpec)" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" - connectionCredential: - additionalProperties: - type: "string" - description: "Connection credential template used for creating a connection credential secret for cluster objects.\n\n\nBuilt-in objects are:\n\n\n- `$(RANDOM_PASSWD)` random 8 characters.\n- `$(STRONG_RANDOM_PASSWD)` random 16 characters, with mixed cases, digits and symbols.\n- `$(UUID)` generate a random UUID v4 string.\n- `$(UUID_B64)` generate a random UUID v4 BASE64 encoded string.\n- `$(UUID_STR_B64)` generate a random UUID v4 string then BASE64 encoded.\n- `$(UUID_HEX)` generate a random UUID v4 HEX representation.\n- `$(HEADLESS_SVC_FQDN)` headless service FQDN placeholder, value pattern is `$(CLUSTER_NAME)-$(1ST_COMP_NAME)-headless.$(NAMESPACE).svc`,\n where 1ST_COMP_NAME is the 1st component that provide `ClusterDefinition.spec.componentDefs[].service` attribute;\n- `$(SVC_FQDN)` service FQDN placeholder, value pattern is `$(CLUSTER_NAME)-$(1ST_COMP_NAME).$(NAMESPACE).svc`,\n where 1ST_COMP_NAME is the 1st component that provide `ClusterDefinition.spec.componentDefs[].service` attribute;\n- `$(SVC_PORT_{PORT-NAME})` is ServicePort's port value with specified port name, i.e, a servicePort JSON struct:\n `{\"name\": \"mysql\", \"targetPort\": \"mysqlContainerPort\", \"port\": 3306}`, and `$(SVC_PORT_mysql)` in the\n connection credential value is 3306.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." - type: "object" topologies: description: "Topologies defines all possible topologies within the cluster." items: diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml index 91aa60c49..e94a99106 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/clusters.yaml @@ -613,7 +613,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -643,6 +643,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -700,7 +712,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -730,6 +742,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -786,7 +810,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -816,6 +840,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -873,7 +909,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -903,6 +939,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1071,21 +1119,6 @@ spec: resources: description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources." properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1471,21 +1504,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1539,6 +1557,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -1793,6 +1814,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -2369,7 +2439,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2399,6 +2469,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2456,7 +2538,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2486,6 +2568,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2542,7 +2636,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2572,6 +2666,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2629,7 +2735,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2659,6 +2765,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2905,7 +3023,7 @@ spec: description: "Stop the Component.\nIf set, all the computing resources will be released." type: "boolean" switchPolicy: - description: "Defines the strategy for switchover and failover when workloadType is Replication.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." + description: "Defines the strategy for switchover and failover.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." properties: type: default: "Noop" @@ -3166,21 +3284,6 @@ spec: resources: description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources." properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -3538,21 +3641,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -3606,6 +3694,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -3860,6 +3951,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -4368,7 +4508,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -4398,6 +4538,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -4455,7 +4607,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -4485,6 +4637,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -4541,7 +4705,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -4571,6 +4735,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -4628,7 +4804,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -4658,6 +4834,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -4895,7 +5083,7 @@ spec: description: "ServicePort contains information on service's port." properties: appProtocol: - description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." @@ -5453,7 +5641,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -5483,6 +5671,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -5540,7 +5740,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -5570,6 +5770,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -5626,7 +5838,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -5656,6 +5868,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -5713,7 +5937,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -5743,6 +5967,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -5911,21 +6147,6 @@ spec: resources: description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources." properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -6311,21 +6532,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -6379,6 +6585,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -6633,6 +6842,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -7209,7 +7467,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -7239,6 +7497,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -7296,7 +7566,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -7326,6 +7596,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -7382,7 +7664,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -7412,6 +7694,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -7469,7 +7763,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -7499,6 +7793,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -7745,7 +8051,7 @@ spec: description: "Stop the Component.\nIf set, all the computing resources will be released." type: "boolean" switchPolicy: - description: "Defines the strategy for switchover and failover when workloadType is Replication.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." + description: "Defines the strategy for switchover and failover.\n\n\nDeprecated since v0.9.\nThis field is maintained for backward compatibility and its use is discouraged.\nExisting usage should be updated to the current preferred approach to avoid compatibility issues in future releases." properties: type: default: "Noop" @@ -8006,21 +8312,6 @@ spec: resources: description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources." properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -8378,21 +8669,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -8446,6 +8722,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -8700,6 +8979,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml index c9dda7f9c..076b1b172 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/componentdefinitions.yaml @@ -2386,7 +2386,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2416,6 +2416,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2473,7 +2485,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2503,6 +2515,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2559,7 +2583,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2589,6 +2613,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2646,7 +2682,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2676,6 +2712,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2913,6 +2961,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -2978,6 +3036,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -3766,6 +3834,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -3831,6 +3909,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -4631,6 +4719,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -4696,6 +4794,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -5889,21 +5997,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -5957,6 +6050,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -6211,6 +6307,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -6700,7 +6845,7 @@ spec: description: "ServicePort contains information on service's port." properties: appProtocol: - description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml index 176b9e8fe..97b046f3b 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/components.yaml @@ -518,7 +518,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -548,6 +548,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -605,7 +617,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -635,6 +647,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -691,7 +715,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -721,6 +745,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -778,7 +814,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -808,6 +844,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -976,21 +1024,6 @@ spec: resources: description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources." properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1376,21 +1409,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1444,6 +1462,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -1698,6 +1719,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -2228,7 +2298,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2258,6 +2328,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2315,7 +2397,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2345,6 +2427,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2401,7 +2495,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2431,6 +2525,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2488,7 +2594,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2518,6 +2624,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2820,7 +2938,7 @@ spec: description: "ServicePort contains information on service's port." properties: appProtocol: - description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." @@ -3034,21 +3152,6 @@ spec: resources: description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources." properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -3406,21 +3509,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -3474,6 +3562,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -3728,6 +3819,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsdefinitions.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsdefinitions.yaml index 79bef72b4..3e281c236 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsdefinitions.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsdefinitions.yaml @@ -335,7 +335,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -365,6 +365,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -422,7 +434,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -452,6 +464,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -508,7 +532,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -538,6 +562,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -595,7 +631,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -625,6 +661,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -862,6 +910,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -927,6 +985,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -1715,6 +1783,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -1780,6 +1858,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -2580,6 +2668,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -2645,6 +2743,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -3838,21 +3946,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -3906,6 +3999,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -4160,6 +4256,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: diff --git a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml index 8d26cce84..8f78cf5ea 100644 --- a/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml +++ b/crd-catalog/apecloud/kubeblocks/apps.kubeblocks.io/v1alpha1/opsrequests.yaml @@ -176,6 +176,10 @@ spec: - "components" - "opsDefinitionName" type: "object" + enqueueOnForce: + default: false + description: "Indicates whether opsRequest should continue to queue when 'force' is set to true." + type: "boolean" expose: description: "Lists Expose objects, each specifying a Component and its services to be exposed." items: @@ -218,7 +222,7 @@ spec: description: "ServicePort contains information on service's port." properties: appProtocol: - description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." @@ -638,7 +642,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -668,6 +672,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -725,7 +741,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -755,6 +771,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -811,7 +839,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -841,6 +869,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -898,7 +938,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -928,6 +968,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1096,21 +1148,6 @@ spec: resources: description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources." properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1496,21 +1533,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1564,6 +1586,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -1818,6 +1843,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -3024,14 +3098,6 @@ spec: description: "Provides an explanation for the Component being in its current state." maxLength: 1024 type: "string" - workloadType: - description: "Records the workload type of Component in ClusterDefinition.\nDeprecated and should be removed in the future version." - enum: - - "Stateless" - - "Stateful" - - "Consensus" - - "Replication" - type: "string" type: "object" description: "Records the status information of Components changed due to the OpsRequest." type: "object" @@ -3407,7 +3473,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3437,6 +3503,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -3494,7 +3572,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3524,6 +3602,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -3580,7 +3670,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3610,6 +3700,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -3667,7 +3769,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3697,6 +3799,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -3865,21 +3979,6 @@ spec: resources: description: "Represents the minimum resources the volume should have.\nIf the RecoverVolumeExpansionFailure feature is enabled, users are allowed to specify resource requirements that\nare lower than the previous value but must still be higher than the capacity recorded in the status field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources." properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -4265,21 +4364,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -4333,6 +4417,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -4587,6 +4674,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: diff --git a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml index 6d9ab8138..9e4691592 100644 --- a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml +++ b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backuppolicies.yaml @@ -226,6 +226,37 @@ spec: podSelector: description: "Used to find the target pod. The volumes of the target pod will be backed up." properties: + fallbackLabelSelector: + description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: @@ -381,6 +412,37 @@ spec: podSelector: description: "Used to find the target pod. The volumes of the target pod will be backed up." properties: + fallbackLabelSelector: + description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: @@ -541,6 +603,37 @@ spec: podSelector: description: "Used to find the target pod. The volumes of the target pod will be backed up." properties: + fallbackLabelSelector: + description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: @@ -659,6 +752,37 @@ spec: podSelector: description: "Used to find the target pod. The volumes of the target pod will be backed up." properties: + fallbackLabelSelector: + description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: diff --git a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml index f375cf6bb..c9d850275 100644 --- a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml +++ b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/backups.yaml @@ -372,6 +372,37 @@ spec: podSelector: description: "Used to find the target pod. The volumes of the target pod will be backed up." properties: + fallbackLabelSelector: + description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: @@ -527,6 +558,37 @@ spec: podSelector: description: "Used to find the target pod. The volumes of the target pod will be backed up." properties: + fallbackLabelSelector: + description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: @@ -729,6 +791,37 @@ spec: podSelector: description: "Used to find the target pod. The volumes of the target pod will be backed up." properties: + fallbackLabelSelector: + description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: @@ -852,6 +945,37 @@ spec: podSelector: description: "Used to find the target pod. The volumes of the target pod will be backed up." properties: + fallbackLabelSelector: + description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: diff --git a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml index 806e670fb..666f87a75 100644 --- a/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml +++ b/crd-catalog/apecloud/kubeblocks/dataprotection.kubeblocks.io/v1alpha1/restores.yaml @@ -379,7 +379,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -409,6 +409,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -466,7 +478,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -496,6 +508,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -552,7 +576,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -582,6 +606,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -639,7 +675,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -669,6 +705,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -902,21 +950,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -970,6 +1003,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -1078,21 +1114,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1146,6 +1167,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -1270,6 +1294,37 @@ spec: podSelector: description: "Selects one of the pods, identified by labels, to build the job spec.\nThis includes mounting required volumes and injecting built-in environment variables of the selected pod." properties: + fallbackLabelSelector: + description: "fallbackLabelSelector is used to filter available pods when the labelSelector fails.\nThis only takes effect when the `strategy` field below is set to `Any`." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." items: diff --git a/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml b/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml index 35819ae57..68d9d43c4 100644 --- a/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml +++ b/crd-catalog/apecloud/kubeblocks/workloads.kubeblocks.io/v1alpha1/instancesets.yaml @@ -549,7 +549,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -579,6 +579,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -636,7 +648,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -666,6 +678,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -722,7 +746,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -752,6 +776,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -809,7 +845,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -839,6 +875,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -1066,21 +1114,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1134,6 +1167,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -1203,6 +1239,21 @@ spec: - "type" type: "object" type: "array" + currentVolumeAttributesClassName: + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + type: "string" + modifyVolumeStatus: + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + properties: + status: + description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." + type: "string" + targetVolumeAttributesClassName: + description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled" + type: "string" + required: + - "status" + type: "object" phase: description: "phase represents the current phase of PersistentVolumeClaim." type: "string" @@ -1563,21 +1614,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -1631,6 +1667,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -1885,6 +1924,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -2564,7 +2652,7 @@ spec: description: "ServicePort contains information on service's port." properties: appProtocol: - description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." + description: "The application protocol for this port.\nThis is used as a hint for implementations to offer richer behavior for protocols that they understand.\nThis field follows standard Kubernetes label syntax.\nValid values are either:\n\n\n* Un-prefixed protocol names - reserved for IANA standard service names (as per\nRFC-6335 and https://www.iana.org/assignments/service-names).\n\n\n* Kubernetes-defined prefixed names:\n * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior-\n * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455\n * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455\n\n\n* Other protocols should use implementation-defined prefixed names such as\nmycompany.com/my-custom-protocol." type: "string" name: description: "The name of this port within the service. This must be a DNS_LABEL.\nAll ports within a ServiceSpec must have unique names. When considering\nthe endpoints for a Service, this must match the 'name' field in the\nEndpointPort.\nOptional if only one ServicePort is defined on this service." @@ -2687,6 +2775,9 @@ spec: ip: description: "IP is set for load-balancer ingress points that are IP based\n(typically GCE or OpenStack load-balancers)" type: "string" + ipMode: + description: "IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified.\nSetting this to \"VIP\" indicates that traffic is delivered to the node with\nthe destination set to the load-balancer's IP and port.\nSetting this to \"Proxy\" indicates that traffic is delivered to the node or pod with\nthe destination set to the node's IP and node port or the pod's IP and port.\nService implementations may use this information to adjust traffic routing." + type: "string" ports: description: "Ports is a list of records of service ports\nIf used, every port defined in the service should have an entry in it" items: @@ -2883,7 +2974,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -2913,6 +3004,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -2970,7 +3073,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3000,6 +3103,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -3056,7 +3171,7 @@ spec: description: "Required. A pod affinity term, associated with the corresponding weight." properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3086,6 +3201,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -3143,7 +3270,7 @@ spec: description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" properties: labelSelector: - description: "A label query over a set of resources, in this case pods." + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." properties: matchExpressions: description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." @@ -3173,6 +3300,18 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" namespaceSelector: description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." properties: @@ -3410,6 +3549,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -3475,6 +3624,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -4263,6 +4422,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -4328,6 +4497,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -5128,6 +5307,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -5193,6 +5382,16 @@ spec: required: - "port" type: "object" + sleep: + description: "Sleep represents the duration that the container should sleep before being terminated." + properties: + seconds: + description: "Seconds is the number of seconds to sleep." + format: "int64" + type: "integer" + required: + - "seconds" + type: "object" tcpSocket: description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept\nfor the backward compatibility. There are no validation of this field and\nlifecycle hooks will fail in runtime when tcp handler is specified." properties: @@ -6386,21 +6585,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -6454,6 +6638,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -6708,6 +6895,55 @@ spec: items: description: "Projection that may be projected along with other supported volume types" properties: + clusterTrustBundle: + description: "ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field\nof ClusterTrustBundle objects in an auto-updating file.\n\n\nAlpha, gated by the ClusterTrustBundleProjection feature gate.\n\n\nClusterTrustBundle objects can either be selected by name, or by the\ncombination of signer name and a label selector.\n\n\nKubelet performs aggressive normalization of the PEM contents written\ninto the pod filesystem. Esoteric PEM features such as inter-block\ncomments and block headers are stripped. Certificates are deduplicated.\nThe ordering of certificates within the file is arbitrary, and Kubelet\nmay change the order over time." + properties: + labelSelector: + description: "Select all ClusterTrustBundles that match this label selector. Only has\neffect if signerName is set. Mutually-exclusive with name. If unset,\ninterpreted as \"match nothing\". If set but empty, interpreted as \"match\neverything\"." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + required: + - "key" + - "operator" + type: "object" + type: "array" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + name: + description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive\nwith signerName and labelSelector." + type: "string" + optional: + description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s)\naren't available. If using name, then the named ClusterTrustBundle is\nallowed not to exist. If using signerName, then the combination of\nsignerName and labelSelector is allowed to match zero\nClusterTrustBundles." + type: "boolean" + path: + description: "Relative path from the volume root to write the bundle." + type: "string" + signerName: + description: "Select all ClusterTrustBundles that match this signer name.\nMutually-exclusive with name. The contents of all selected\nClusterTrustBundles will be unified and deduplicated." + type: "string" + required: + - "path" + type: "object" configMap: description: "configMap information about the configMap data to project" properties: @@ -7131,21 +7367,6 @@ spec: resources: description: "resources represents the minimum resources the volume should have.\nIf RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements\nthat are lower than previous value but must still be higher than capacity recorded in the\nstatus field of the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources" properties: - claims: - description: "Claims lists the names of resources, defined in spec.resourceClaims,\nthat are used by this container.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable. It can only be set for containers." - items: - description: "ResourceClaim references one entry in PodSpec.ResourceClaims." - properties: - name: - description: "Name must match the name of one entry in pod.spec.resourceClaims of\nthe Pod where this field is used. It makes that resource available\ninside a container." - type: "string" - required: - - "name" - type: "object" - type: "array" - x-kubernetes-list-map-keys: - - "name" - x-kubernetes-list-type: "map" limits: additionalProperties: anyOf: @@ -7199,6 +7420,9 @@ spec: storageClassName: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" + volumeAttributesClassName: + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." type: "string" @@ -7268,6 +7492,21 @@ spec: - "type" type: "object" type: "array" + currentVolumeAttributesClassName: + description: "currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using.\nWhen unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + type: "string" + modifyVolumeStatus: + description: "ModifyVolumeStatus represents the status object of ControllerModifyVolume operation.\nWhen this is unset, there is no ModifyVolume operation being attempted.\nThis is an alpha field and requires enabling VolumeAttributesClass feature." + properties: + status: + description: "status is the status of the ControllerModifyVolume operation. It can be in any of following states:\n - Pending\n Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as\n the specified VolumeAttributesClass not existing.\n - InProgress\n InProgress indicates that the volume is being modified.\n - Infeasible\n Infeasible indicates that the request has been rejected as invalid by the CSI driver. To\n\t resolve the error, a valid VolumeAttributesClass needs to be specified.\nNote: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately." + type: "string" + targetVolumeAttributesClassName: + description: "targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled" + type: "string" + required: + - "status" + type: "object" phase: description: "phase represents the current phase of PersistentVolumeClaim." type: "string" diff --git a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml index db015970f..f82faa80c 100644 --- a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml +++ b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificateauthorityactivations.yaml @@ -56,6 +56,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" certificateChain: diff --git a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml index 38ddcc23c..76bef6977 100644 --- a/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml +++ b/crd-catalog/aws-controllers-k8s/acmpca-controller/acmpca.services.k8s.aws/v1alpha1/certificates.yaml @@ -230,6 +230,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" certificateSigningRequest: @@ -242,6 +244,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" signingAlgorithm: diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml index 5f3d36b47..27e45829b 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/authorizers.yaml @@ -39,6 +39,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" authorizerCredentialsARN: diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml index df615ead5..5556ff6f4 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/deployments.yaml @@ -39,6 +39,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" description: diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml index 9eb110419..01a64d338 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/integrations.yaml @@ -39,6 +39,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" connectionID: @@ -51,6 +53,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" connectionType: diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml index 7aedc5090..d291ac468 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/routes.yaml @@ -41,6 +41,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" authorizationScopes: @@ -59,6 +61,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" modelSelectionExpression: @@ -91,6 +95,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" required: diff --git a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml index 8df5c9f75..80241cf43 100644 --- a/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml +++ b/crd-catalog/aws-controllers-k8s/apigatewayv2-controller/apigatewayv2.services.k8s.aws/v1alpha1/stages.yaml @@ -49,6 +49,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" autoDeploy: @@ -81,6 +83,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" description: diff --git a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml index 40058a76c..a06667c23 100644 --- a/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml +++ b/crd-catalog/aws-controllers-k8s/cloudfront-controller/cloudfront.services.k8s.aws/v1alpha1/distributions.yaml @@ -507,6 +507,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" certificate: diff --git a/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml b/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml index 366e0f740..68316479a 100644 --- a/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml +++ b/crd-catalog/aws-controllers-k8s/cloudwatchlogs-controller/cloudwatchlogs.services.k8s.aws/v1alpha1/loggroups.yaml @@ -40,6 +40,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" name: diff --git a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml index c70f5f340..2a1df3413 100644 --- a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml +++ b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbclusters.yaml @@ -55,6 +55,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" deletionProtection: @@ -88,6 +90,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" masterUserPassword: @@ -159,6 +163,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml index 396a6e66c..5a52bc6b9 100644 --- a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml +++ b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbinstances.yaml @@ -71,6 +71,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" preferredMaintenanceWindow: diff --git a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml index ce1c32572..b2fd3e2d4 100644 --- a/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml +++ b/crd-catalog/aws-controllers-k8s/documentdb-controller/documentdb.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml @@ -49,6 +49,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml index 1fa98abe9..2c9624231 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/dhcpoptions.yaml @@ -69,6 +69,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml index 75c97de95..64be189af 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/internetgateways.yaml @@ -42,6 +42,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -71,6 +73,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml index 2da2b395e..8f8b7b1b3 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/natgateways.yaml @@ -47,6 +47,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" connectivityType: @@ -63,6 +65,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" tags: diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml index 9e5094047..4e6522d2b 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/routetables.yaml @@ -58,6 +58,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" instanceID: @@ -74,6 +76,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" networkInterfaceID: @@ -88,6 +92,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" vpcEndpointID: @@ -100,6 +106,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" vpcPeeringConnectionID: @@ -112,6 +120,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "object" @@ -138,6 +148,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml index 89cc35a8d..eeb60f8cd 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/securitygroups.yaml @@ -96,6 +96,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" peeringStatus: @@ -114,6 +116,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "object" @@ -180,6 +184,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" peeringStatus: @@ -198,6 +204,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "object" @@ -229,6 +237,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" required: diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml index 66af95b14..851ecfcf3 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/subnets.yaml @@ -77,6 +77,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -106,6 +108,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml index e690735ea..47b3a7f5f 100644 --- a/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml +++ b/crd-catalog/aws-controllers-k8s/ec2-controller/ec2.services.k8s.aws/v1alpha1/vpcendpoints.yaml @@ -65,6 +65,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -82,6 +84,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -102,6 +106,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -130,6 +136,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" required: diff --git a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml index 845d24518..476846c88 100644 --- a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml +++ b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/accesspoints.yaml @@ -65,6 +65,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" posixUser: diff --git a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml index 64686145b..8843c5733 100644 --- a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml +++ b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/filesystems.yaml @@ -94,6 +94,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" lifecyclePolicies: diff --git a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml index 28b010bdf..2947a032b 100644 --- a/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml +++ b/crd-catalog/aws-controllers-k8s/efs-controller/efs.services.k8s.aws/v1alpha1/mounttargets.yaml @@ -74,6 +74,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" ipAddress: @@ -88,6 +90,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -107,6 +111,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml index 6c4e3de57..6defd1b5e 100644 --- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml +++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/addons.yaml @@ -70,6 +70,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" configurationValues: @@ -92,6 +94,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" tags: diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml index 7b39cf9a1..43b0adc31 100644 --- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml +++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/clusters.yaml @@ -79,6 +79,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "object" @@ -156,6 +158,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -173,6 +177,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -188,6 +194,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" tags: diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml index 871f0c80c..7f42d17f5 100644 --- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml +++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/fargateprofiles.yaml @@ -60,6 +60,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" name: @@ -76,6 +78,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" selectors: @@ -100,6 +104,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml index 5e0284cfc..d49477c8a 100644 --- a/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml +++ b/crd-catalog/aws-controllers-k8s/eks-controller/eks.services.k8s.aws/v1alpha1/nodegroups.yaml @@ -82,6 +82,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" diskSize: @@ -122,6 +124,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" releaseVersion: @@ -142,6 +146,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -172,6 +178,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml b/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml index 9d82bbccc..3663bb6b8 100644 --- a/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml +++ b/crd-catalog/aws-controllers-k8s/emrcontainers-controller/emrcontainers.services.k8s.aws/v1alpha1/jobruns.yaml @@ -79,6 +79,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" required: diff --git a/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml b/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml index 46e005cea..e042c7a73 100644 --- a/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml +++ b/crd-catalog/aws-controllers-k8s/kafka-controller/kafka.services.k8s.aws/v1alpha1/clusters.yaml @@ -38,6 +38,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml index 98f05a023..095f0e3c5 100644 --- a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml +++ b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/aliases.yaml @@ -43,6 +43,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" required: diff --git a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml index d5368378b..b7fad03ae 100644 --- a/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml +++ b/crd-catalog/aws-controllers-k8s/kms-controller/kms.services.k8s.aws/v1alpha1/grants.yaml @@ -60,6 +60,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" name: diff --git a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/acls.yaml b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/acls.yaml index 22440216f..bd9ca06df 100644 --- a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/acls.yaml +++ b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/acls.yaml @@ -57,6 +57,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/clusters.yaml b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/clusters.yaml index 1ffcd057d..de1f61c1f 100644 --- a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/clusters.yaml +++ b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/clusters.yaml @@ -40,6 +40,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" autoMinorVersionUpgrade: @@ -82,6 +84,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" port: @@ -102,6 +106,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -121,6 +127,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" snapshotRetentionLimit: @@ -141,6 +149,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" subnetGroupName: @@ -154,6 +164,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" tags: diff --git a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/snapshots.yaml b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/snapshots.yaml index 944fe01ad..71c5c51b4 100644 --- a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/snapshots.yaml +++ b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/snapshots.yaml @@ -40,6 +40,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" kmsKeyID: @@ -53,6 +55,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" name: diff --git a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/subnetgroups.yaml b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/subnetgroups.yaml index 2cc31d90d..2ea1643a7 100644 --- a/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/subnetgroups.yaml +++ b/crd-catalog/aws-controllers-k8s/memorydb-controller/memorydb.services.k8s.aws/v1alpha1/subnetgroups.yaml @@ -49,6 +49,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml b/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml index 9841b55b1..0c55f069f 100644 --- a/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml +++ b/crd-catalog/aws-controllers-k8s/mq-controller/mq.services.k8s.aws/v1alpha1/brokers.yaml @@ -119,6 +119,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" @@ -141,6 +143,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml b/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml index ab0da80f0..1f47667e1 100644 --- a/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml +++ b/crd-catalog/aws-controllers-k8s/networkfirewall-controller/networkfirewall.services.k8s.aws/v1alpha1/firewalls.yaml @@ -60,7 +60,7 @@ spec: items: description: "The ID for a subnet that you want to associate with the firewall. This is\nused with CreateFirewall and AssociateSubnets. Network Firewall creates an\ninstance of the associated firewall in each subnet that you specify, to filter\ntraffic in the subnet's Availability Zone." properties: - iPAddressType: + ipAddressType: type: "string" subnetID: type: "string" @@ -162,7 +162,7 @@ spec: items: description: "The ID for a subnet that you want to associate with the firewall. This is\nused with CreateFirewall and AssociateSubnets. Network Firewall creates an\ninstance of the associated firewall in each subnet that you specify, to filter\ntraffic in the subnet's Availability Zone." properties: - iPAddressType: + ipAddressType: type: "string" subnetID: type: "string" diff --git a/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml b/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml index 1102be3a3..d3f0fdd54 100644 --- a/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml +++ b/crd-catalog/aws-controllers-k8s/opensearchservice-controller/opensearchservice.services.k8s.aws/v1alpha1/domains.yaml @@ -30,15 +30,15 @@ spec: description: "DomainSpec defines the desired state of Domain." properties: accessPolicies: - description: "IAM access policy as a JSON-formatted string." + description: "Identity and Access Management (IAM) policy document specifying the access\npolicies for the new domain." type: "string" advancedOptions: additionalProperties: type: "string" - description: "Option to allow references to indices in an HTTP request body. Must be false\nwhen configuring access to individual sub-resources. By default, the value\nis true. See Advanced cluster parameters (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options)\nfor more information." + description: "Key-value pairs to specify advanced configuration options. The following\nkey-value pairs are supported:\n\n\n * \"rest.action.multi.allow_explicit_index\": \"true\" | \"false\" - Note the\n use of a string rather than a boolean. Specifies whether explicit references\n to indexes are allowed inside the body of HTTP requests. If you want to\n configure access policies for domain sub-resources, such as specific indexes\n and domain APIs, you must disable this property. Default is true.\n\n\n * \"indices.fielddata.cache.size\": \"80\" - Note the use of a string rather\n than a boolean. Specifies the percentage of heap space allocated to field\n data. Default is unbounded.\n\n\n * \"indices.query.bool.max_clause_count\": \"1024\" - Note the use of a string\n rather than a boolean. Specifies the maximum number of clauses allowed\n in a Lucene boolean query. Default is 1,024. Queries with more than the\n permitted number of clauses result in a TooManyClauses error.\n\n\n * \"override_main_response_version\": \"true\" | \"false\" - Note the use of\n a string rather than a boolean. Specifies whether the domain reports its\n version as 7.10 to allow Elasticsearch OSS clients and plugins to continue\n working with it. Default is false when creating a domain and true when\n upgrading a domain.\n\n\nFor more information, see Advanced cluster parameters (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options)." type: "object" advancedSecurityOptions: - description: "Specifies advanced security options." + description: "Options for fine-grained access control." properties: anonymousAuthEnabled: type: "boolean" @@ -46,11 +46,23 @@ spec: type: "boolean" internalUserDatabaseEnabled: type: "boolean" + jwtOptions: + description: "The JWT authentication and authorization configuration for an Amazon OpenSearch\nService domain." + properties: + enabled: + type: "boolean" + publicKey: + type: "string" + rolesKey: + type: "string" + subjectKey: + type: "string" + type: "object" masterUserOptions: - description: "Credentials for the master user: username and password, ARN, or both." + description: "Credentials for the master user for a domain." properties: masterUserARN: - description: "The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities\n(http://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using AWS\nIdentity and Access Management for more information." + description: "The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities\n(https://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using Amazon\nWeb Services Identity and Access Management for more information." type: "string" masterUserName: type: "string" @@ -72,12 +84,12 @@ spec: x-kubernetes-map-type: "atomic" type: "object" sAMLOptions: - description: "The SAML application configuration for the domain." + description: "The SAML authentication configuration for an Amazon OpenSearch Service domain." properties: enabled: type: "boolean" idp: - description: "The SAML identity povider's information." + description: "The SAML identity povider information." properties: entityID: type: "string" @@ -97,26 +109,36 @@ spec: type: "string" type: "object" type: "object" + aimlOptions: + description: "Options for all machine learning features for the specified domain." + properties: + naturalLanguageQueryGenerationOptions: + description: "Container for parameters required to enable the natural language query generation\nfeature." + properties: + desiredState: + type: "string" + type: "object" + type: "object" autoTuneOptions: - description: "Specifies Auto-Tune options." + description: "Options for Auto-Tune." properties: desiredState: description: "The Auto-Tune desired state. Valid values are ENABLED and DISABLED." type: "string" maintenanceSchedules: items: - description: "Specifies the Auto-Tune maintenance schedule. See Auto-Tune for Amazon OpenSearch\nService (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)\nfor more information." + description: "This object is deprecated. Use the domain's off-peak window (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html)\nto schedule Auto-Tune optimizations. For migration instructions, see Migrating\nfrom Auto-Tune maintenance windows (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html#off-peak-migrate).\n\n\nThe Auto-Tune maintenance schedule. For more information, see Auto-Tune for\nAmazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)." properties: cronExpressionForRecurrence: type: "string" duration: - description: "The maintenance schedule duration: duration value and duration unit. See\nAuto-Tune for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)\nfor more information." + description: "The duration of a maintenance schedule. For more information, see Auto-Tune\nfor Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)." properties: unit: - description: "The unit of a maintenance schedule duration. Valid value is HOUR. See Auto-Tune\nfor Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)\nfor more information." + description: "The unit of a maintenance schedule duration. Valid value is HOUR." type: "string" value: - description: "Integer to specify the value of a maintenance schedule duration. See Auto-Tune\nfor Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html)\nfor more information." + description: "Integer that specifies the value of a maintenance schedule duration." format: "int64" type: "integer" type: "object" @@ -125,12 +147,14 @@ spec: type: "string" type: "object" type: "array" + useOffPeakWindow: + type: "boolean" type: "object" clusterConfig: - description: "Configuration options for a domain. Specifies the instance type and number\nof instances in the domain." + description: "Container for the cluster configuration of a domain." properties: coldStorageOptions: - description: "Specifies the configuration for cold storage options such as enabled" + description: "Container for the parameters required to enable cold storage for an OpenSearch\nService domain. For more information, see Cold storage for Amazon OpenSearch\nService (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cold-storage.html)." properties: enabled: type: "boolean" @@ -147,6 +171,8 @@ spec: type: "integer" instanceType: type: "string" + multiAZWithStandbyEnabled: + type: "boolean" warmCount: format: "int64" type: "integer" @@ -155,7 +181,7 @@ spec: warmType: type: "string" zoneAwarenessConfig: - description: "The zone awareness configuration for the domain cluster, such as the number\nof availability zones." + description: "The zone awareness configuration for an Amazon OpenSearch Service domain." properties: availabilityZoneCount: format: "int64" @@ -165,7 +191,7 @@ spec: type: "boolean" type: "object" cognitoOptions: - description: "Options to specify the Cognito user and identity pools for OpenSearch Dashboards\nauthentication. For more information, see Configuring Amazon Cognito authentication\nfor OpenSearch Dashboards (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html)." + description: "Key-value pairs to configure Amazon Cognito authentication. For more information,\nsee Configuring Amazon Cognito authentication for OpenSearch Dashboards (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html)." properties: enabled: type: "boolean" @@ -177,12 +203,12 @@ spec: type: "string" type: "object" domainEndpointOptions: - description: "Options to specify configurations that will be applied to the domain endpoint." + description: "Additional options for the domain endpoint, such as whether to require HTTPS\nfor all traffic." properties: customEndpoint: type: "string" customEndpointCertificateARN: - description: "The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities\n(http://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using AWS\nIdentity and Access Management for more information." + description: "The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities\n(https://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using Amazon\nWeb Services Identity and Access Management for more information." type: "string" customEndpointEnabled: type: "boolean" @@ -192,7 +218,7 @@ spec: type: "string" type: "object" ebsOptions: - description: "Options to enable, disable, and specify the type and size of EBS storage\nvolumes." + description: "Container for the parameters required to enable EBS-based storage for an\nOpenSearch Service domain." properties: ebsEnabled: type: "boolean" @@ -206,11 +232,11 @@ spec: format: "int64" type: "integer" volumeType: - description: "The type of EBS volume, standard, gp2, gp3 or io1. See Configuring EBS-based\nStorage (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/opensearch-createupdatedomains.html#opensearch-createdomain-configure-ebs)\nfor more information." + description: "The type of EBS volume that a domain uses. For more information, see Configuring\nEBS-based storage (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/opensearch-createupdatedomains.html#opensearch-createdomain-configure-ebs)." type: "string" type: "object" encryptionAtRestOptions: - description: "Options for encryption of data at rest." + description: "Key-value pairs to enable encryption at rest." properties: enabled: type: "boolean" @@ -218,11 +244,14 @@ spec: type: "string" type: "object" engineVersion: - description: "String of format Elasticsearch_X.Y or OpenSearch_X.Y to specify the engine\nversion for the Amazon OpenSearch Service domain. For example, \"OpenSearch_1.0\"\nor \"Elasticsearch_7.9\". For more information, see Creating and managing Amazon\nOpenSearch Service domains (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains)." + description: "String of format Elasticsearch_X.Y or OpenSearch_X.Y to specify the engine\nversion for the OpenSearch Service domain. For example, OpenSearch_1.0 or\nElasticsearch_7.9. For more information, see Creating and managing Amazon\nOpenSearch Service domains (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains)." + type: "string" + ipAddressType: + description: "Specify either dual stack or IPv4 as your IP address type. Dual stack allows\nyou to share domain resources across IPv4 and IPv6 address types, and is\nthe recommended option. If you set your IP address type to dual stack, you\ncan't change your address type later." type: "string" logPublishingOptions: additionalProperties: - description: "Log Publishing option that is set for a given domain. Attributes and their\ndetails:\n * CloudWatchLogsLogGroupArn: ARN of the Cloudwatch log group to publish\n logs to.\n\n\n * Enabled: Whether the log publishing for a given log type is enabled\n or not." + description: "Specifies whether the Amazon OpenSearch Service domain publishes the OpenSearch\napplication and slow logs to Amazon CloudWatch. For more information, see\nMonitoring OpenSearch logs with Amazon CloudWatch Logs (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createdomain-configure-slow-logs.html).\n\n\nAfter you enable log publishing, you still have to enable the collection\nof slow logs using the OpenSearch REST API." properties: cloudWatchLogsLogGroupARN: description: "ARN of the Cloudwatch log group to publish logs to." @@ -230,32 +259,58 @@ spec: enabled: type: "boolean" type: "object" - description: "Map of LogType and LogPublishingOption, each containing options to publish\na given type of OpenSearch log." + description: "Key-value pairs to configure log publishing." type: "object" name: - description: "The name of the Amazon OpenSearch Service domain you're creating. Domain\nnames are unique across the domains owned by an account within an AWS region.\nDomain names must start with a lowercase letter and can contain the following\ncharacters: a-z (lowercase), 0-9, and - (hyphen)." + description: "Name of the OpenSearch Service domain to create. Domain names are unique\nacross the domains owned by an account within an Amazon Web Services Region." type: "string" nodeToNodeEncryptionOptions: - description: "Node-to-node encryption options." + description: "Enables node-to-node encryption." properties: enabled: type: "boolean" type: "object" + offPeakWindowOptions: + description: "Specifies a daily 10-hour time block during which OpenSearch Service can\nperform configuration changes on the domain, including service software updates\nand Auto-Tune enhancements that require a blue/green deployment. If no options\nare specified, the default start time of 10:00 P.M. local time (for the Region\nthat the domain is created in) is used." + properties: + enabled: + type: "boolean" + offPeakWindow: + description: "A custom 10-hour, low-traffic window during which OpenSearch Service can\nperform mandatory configuration changes on the domain. These actions can\ninclude scheduled service software updates and blue/green Auto-Tune enhancements.\nOpenSearch Service will schedule these actions during the window that you\nspecify.\n\n\nIf you don't specify a window start time, it defaults to 10:00 P.M. local\ntime.\n\n\nFor more information, see Defining off-peak maintenance windows for Amazon\nOpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html)." + properties: + windowStartTime: + description: "The desired start time for an off-peak maintenance window (https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_OffPeakWindow.html)." + properties: + hours: + format: "int64" + type: "integer" + minutes: + format: "int64" + type: "integer" + type: "object" + type: "object" + type: "object" + softwareUpdateOptions: + description: "Software update options for the domain." + properties: + autoSoftwareUpdateEnabled: + type: "boolean" + type: "object" tags: - description: "A list of Tag added during domain creation." + description: "List of tags to add to the domain upon creation." items: - description: "A key value pair for a resource tag." + description: "A tag (key-value pair) for an Amazon OpenSearch Service resource." properties: key: - description: "A string of length from 1 to 128 characters that specifies the key for a\ntag. Tag keys must be unique for the domain to which they're attached." + description: "A string between 1 to 128 characters that specifies the key for a tag. Tag\nkeys must be unique for the domain to which they're attached." type: "string" value: - description: "A string of length from 0 to 256 characters that specifies the value for\na tag. Tag values can be null and don't have to be unique in a tag set." + description: "A string between 0 to 256 characters that specifies the value for a tag.\nTag values can be null and don't have to be unique in a tag set." type: "string" type: "object" type: "array" vpcOptions: - description: "Options to specify the subnets and security groups for a VPC endpoint. For\nmore information, see Launching your Amazon OpenSearch Service domains using\na VPC (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html)." + description: "Container for the values required to configure VPC access domains. If you\ndon't specify these values, OpenSearch Service creates the domain with a\npublic endpoint. For more information, see Launching your Amazon OpenSearch\nService domains using a VPC (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html)." properties: securityGroupIDs: items: @@ -289,12 +344,22 @@ spec: - "region" type: "object" changeProgressDetails: - description: "Specifies change details of the domain configuration change." + description: "Information about a configuration change happening on the domain." properties: changeID: type: "string" + configChangeStatus: + type: "string" + initiatedBy: + type: "string" + lastUpdatedTime: + format: "date-time" + type: "string" message: type: "string" + startTime: + format: "date-time" + type: "string" type: "object" conditions: description: "All CRS managed by ACK have a common `Status.Conditions` member that\ncontains a collection of `ackv1alpha1.Condition` objects that describe\nthe various terminal states of the CR and its backend AWS service API\nresource" @@ -323,24 +388,48 @@ spec: type: "object" type: "array" created: - description: "The domain creation status. True if the creation of a domain is complete.\nFalse if domain creation is still in progress." + description: "Creation status of an OpenSearch Service domain. True if domain creation\nis complete. False if domain creation is still in progress." type: "boolean" deleted: - description: "The domain deletion status. True if a delete request has been received for\nthe domain but resource cleanup is still in progress. False if the domain\nhas not been deleted. Once domain deletion is complete, the status of the\ndomain is no longer returned." + description: "Deletion status of an OpenSearch Service domain. True if domain deletion\nis complete. False if domain deletion is still in progress. Once deletion\nis complete, the status of the domain is no longer returned." type: "boolean" + domainEndpointV2HostedZoneID: + description: "The dual stack hosted zone ID for the domain." + type: "string" domainID: - description: "The unique identifier for the specified domain." + description: "Unique identifier for the domain." + type: "string" + domainProcessingStatus: + description: "The status of any changes that are currently in progress for the domain." type: "string" endpoint: - description: "The domain endpoint that you use to submit index and search requests." + description: "Domain-specific endpoint used to submit index, search, and data upload requests\nto the domain." + type: "string" + endpointV2: + description: "If IPAddressType to set to dualstack, a version 2 domain endpoint is provisioned.\nThis endpoint functions like a normal endpoint, except that it works with\nboth IPv4 and IPv6 IP addresses. Normal endpoints work only with IPv4 IP\naddresses." type: "string" endpoints: additionalProperties: type: "string" - description: "Map containing the domain endpoints used to submit index and search requests.\nExample key, value: 'vpc','vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com'." + description: "The key-value pair that exists if the OpenSearch Service domain uses VPC\nendpoints. For example:\n\n\n * IPv4 IP addresses - 'vpc','vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com'\n\n\n * Dual stack IP addresses - 'vpcv2':'vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.aos.us-east-1.on.aws'" type: "object" + modifyingProperties: + description: "Information about the domain properties that are currently being modified." + items: + description: "Information about the domain properties that are currently being modified." + properties: + activeValue: + type: "string" + name: + type: "string" + pendingValue: + type: "string" + valueType: + type: "string" + type: "object" + type: "array" processing: - description: "The status of the domain configuration. True if Amazon OpenSearch Service\nis processing configuration changes. False if the configuration is active." + description: "The status of the domain configuration. True if OpenSearch Service is processing\nconfiguration changes. False if the configuration is active." type: "boolean" serviceSoftwareOptions: description: "The current status of the domain's service software." @@ -364,14 +453,14 @@ spec: type: "string" type: "object" snapshotOptions: - description: "The status of the SnapshotOptions." + description: "DEPRECATED. Container for parameters required to configure automated snapshots\nof domain indexes." properties: automatedSnapshotStartHour: format: "int64" type: "integer" type: "object" upgradeProcessing: - description: "The status of a domain version upgrade. True if Amazon OpenSearch Service\nis undergoing a version upgrade. False if the configuration is active." + description: "The status of a domain version upgrade to a new version of OpenSearch or\nElasticsearch. True if OpenSearch Service is in the process of a version\nupgrade. False if the configuration is active." type: "boolean" type: "object" type: "object" diff --git a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml index f0c550f5f..b90e0562a 100644 --- a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml +++ b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/alertmanagerdefinitions.yaml @@ -46,6 +46,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" required: diff --git a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml index 31d4054c7..0a798cedf 100644 --- a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml +++ b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/loggingconfigurations.yaml @@ -50,6 +50,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" required: diff --git a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml index 426107e70..1aacf4e67 100644 --- a/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml +++ b/crd-catalog/aws-controllers-k8s/prometheusservice-controller/prometheusservice.services.k8s.aws/v1alpha1/rulegroupsnamespaces.yaml @@ -56,6 +56,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" required: diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml index 571956038..35b54de69 100644 --- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml +++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbclusters.yaml @@ -75,6 +75,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" dbSubnetGroupName: @@ -88,6 +90,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" dbSystemID: @@ -149,6 +153,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" manageMasterUserPassword: @@ -181,6 +187,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" masterUsername: @@ -290,6 +298,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml index 2e17e0534..fe84d6e1e 100644 --- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml +++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbinstances.yaml @@ -88,6 +88,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" dbSnapshotIdentifier: @@ -104,6 +106,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" deletionProtection: @@ -150,6 +154,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" licenseModel: @@ -185,6 +191,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" masterUsername: @@ -310,6 +318,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml index 1939bbddd..e5c1d687a 100644 --- a/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml +++ b/crd-catalog/aws-controllers-k8s/rds-controller/rds.services.k8s.aws/v1alpha1/dbsubnetgroups.yaml @@ -49,6 +49,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml b/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml index a1982905c..678b49ab1 100644 --- a/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml +++ b/crd-catalog/aws-controllers-k8s/route53-controller/route53.services.k8s.aws/v1alpha1/recordsets.yaml @@ -154,6 +154,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" multiValueAnswer: diff --git a/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml b/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml index a7b3c340a..faf5eed8d 100644 --- a/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml +++ b/crd-catalog/aws-controllers-k8s/route53resolver-controller/route53resolver.services.k8s.aws/v1alpha1/resolverendpoints.yaml @@ -55,6 +55,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "object" @@ -79,6 +81,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" type: "array" diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml index b1ca97581..fa8d6bbc4 100644 --- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml +++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformapplications.yaml @@ -41,6 +41,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" eventEndpointDeleted: @@ -53,6 +55,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" eventEndpointUpdated: @@ -65,6 +69,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" failureFeedbackRoleARN: @@ -77,6 +83,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" name: @@ -99,6 +107,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" successFeedbackSampleRate: diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml index 228354c65..725f1de58 100644 --- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml +++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/platformendpoints.yaml @@ -30,7 +30,6 @@ spec: description: "PlatformEndpointSpec defines the desired state of PlatformEndpoint." properties: customUserData: - description: "Arbitrary user data to associate with the endpoint. Amazon SNS does not use\nthis data. The data must be in UTF-8 format and less than 2KB." type: "string" enabled: type: "string" @@ -38,7 +37,6 @@ spec: description: "PlatformApplicationArn returned from CreatePlatformApplication is used to\ncreate a an endpoint." type: "string" token: - description: "Unique identifier created by the notification service for an app on a device.\nThe specific name for Token will vary, depending on which notification service\nis being used. For example, when using APNS as the notification service,\nyou need the device token. Alternatively, when using GCM (Firebase Cloud\nMessaging) or ADM, the device token equivalent is called the registration\nID." type: "string" required: - "platformApplicationARN" diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml index a354b8af2..72e006d6a 100644 --- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml +++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/subscriptions.yaml @@ -58,6 +58,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" required: diff --git a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml index 03c0d4901..6d17a1bef 100644 --- a/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml +++ b/crd-catalog/aws-controllers-k8s/sns-controller/sns.services.k8s.aws/v1alpha1/topics.yaml @@ -50,6 +50,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" name: @@ -65,6 +67,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" signatureVersion: diff --git a/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml b/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml index dc04fc464..43f4c1d22 100644 --- a/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml +++ b/crd-catalog/aws-controllers-k8s/sqs-controller/sqs.services.k8s.aws/v1alpha1/queues.yaml @@ -47,6 +47,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" maximumMessageSize: @@ -63,6 +65,8 @@ spec: properties: name: type: "string" + namespace: + type: "string" type: "object" type: "object" queueName: diff --git a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml index ecc1a109a..48e6130a3 100644 --- a/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml +++ b/crd-catalog/aws/eks-anywhere/anywhere.eks.amazonaws.com/v1alpha1/bundles.yaml @@ -2718,6 +2718,64 @@ spec: description: "The image repository, name, and tag" type: "string" type: "object" + tinkRelay: + properties: + arch: + description: "Architectures of the asset" + items: + type: "string" + type: "array" + description: + type: "string" + imageDigest: + description: "The SHA256 digest of the image manifest" + type: "string" + name: + description: "The asset name" + type: "string" + os: + description: "Operating system of the asset" + enum: + - "linux" + - "darwin" + - "windows" + type: "string" + osName: + description: "Name of the OS like ubuntu, bottlerocket" + type: "string" + uri: + description: "The image repository, name, and tag" + type: "string" + type: "object" + tinkRelayInit: + properties: + arch: + description: "Architectures of the asset" + items: + type: "string" + type: "array" + description: + type: "string" + imageDigest: + description: "The SHA256 digest of the image manifest" + type: "string" + name: + description: "The asset name" + type: "string" + os: + description: "Operating system of the asset" + enum: + - "linux" + - "darwin" + - "windows" + type: "string" + osName: + description: "Name of the OS like ubuntu, bottlerocket" + type: "string" + uri: + description: "The image repository, name, and tag" + type: "string" + type: "object" tinkServer: properties: arch: @@ -2779,6 +2837,8 @@ spec: required: - "nginx" - "tinkController" + - "tinkRelay" + - "tinkRelayInit" - "tinkServer" - "tinkWorker" type: "object" diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml index 50e81dab9..6607a1b4d 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.k8s.aws/v1/ec2nodeclasses.yaml @@ -77,9 +77,11 @@ spec: type: "string" x-kubernetes-validations: - message: "'alias' is improperly formatted, must match the format 'family@version'" - rule: "self.matches('^[a-zA-Z0-9]*@.*$')" + rule: "self.matches('^[a-zA-Z0-9]+@.+$')" - message: "family is not supported, must be one of the following: 'al2', 'al2023', 'bottlerocket', 'windows2019', 'windows2022'" - rule: "self.find('^[^@]+') in ['al2','al2023','bottlerocket','windows2019','windows2022']" + rule: "self.split('@')[0] in ['al2','al2023','bottlerocket','windows2019','windows2022']" + - message: "windows families may only specify version 'latest'" + rule: "self.split('@')[0] in ['windows2019','windows2022'] ? self.split('@')[1] == 'latest' : true" id: description: "ID is the ami id in EC2" pattern: "ami-[0-9a-z]+" diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml index 8d971f961..56940b598 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodeclaims.yaml @@ -83,6 +83,7 @@ spec: properties: group: description: "API version of the referent" + pattern: "^[^/]*$" type: "string" kind: description: "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\"" diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml index 5f0bf70ad..b57ecb7c0 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1/nodepools.yaml @@ -164,7 +164,7 @@ spec: rule: "self.all(x, x in [\"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\",\"karpenter.k8s.aws/instance-cpu-manufacturer\",\"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !x.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\"))" type: "object" spec: - description: "NodeClaimSpec describes the desired state of the NodeClaim" + description: "NodeClaimTemplateSpec describes the desired state of the NodeClaim in the Nodepool\nNodeClaimTemplateSpec is used in the NodePool's NodeClaimTemplate, with the resource requests omitted since\nusers are not able to set resource requests in the NodePool." properties: expireAfter: default: "720h" @@ -176,6 +176,7 @@ spec: properties: group: description: "API version of the referent" + pattern: "^[^/]*$" type: "string" kind: description: "Kind of the referent; More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds\"" diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml index feba78567..8a830b05c 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodeclaims.yaml @@ -197,6 +197,8 @@ spec: rule: "self in [\"karpenter.sh/capacity-type\", \"karpenter.sh/nodepool\"] || !self.find(\"^([^/]+)\").endsWith(\"karpenter.sh\")" - message: "label \"kubernetes.io/hostname\" is restricted" rule: "self != \"kubernetes.io/hostname\"" + - message: "label domain \"karpenter.k8s.aws\" is restricted" + rule: "self in [\"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\",\"karpenter.k8s.aws/instance-cpu-manufacturer\",\"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !self.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\")" minValues: description: "This field is ALPHA and can be dropped or replaced at any time\nMinValues is the minimum number of unique values required to define the flexibility of the specific requirement." maximum: 50.0 diff --git a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml index 7a07361ec..bcfd4a481 100644 --- a/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml +++ b/crd-catalog/aws/karpenter-provider-aws/karpenter.sh/v1beta1/nodepools.yaml @@ -72,16 +72,6 @@ spec: description: "Nodes dictates the maximum number of NodeClaims owned by this NodePool\nthat can be terminating at once. This is calculated by counting nodes that\nhave a deletion timestamp set, or are actively being deleted by Karpenter.\nThis field is required when specifying a budget.\nThis cannot be of type intstr.IntOrString since kubebuilder doesn't support pattern\nchecking for int nodes for IntOrString nodes.\nRef: https://github.com/kubernetes-sigs/controller-tools/blob/55efe4be40394a288216dab63156b0a64fb82929/pkg/crd/markers/validation.go#L379-L388" pattern: "^((100|[0-9]{1,2})%|[0-9]+)$" type: "string" - reasons: - description: "Reasons is a list of disruption methods that this budget applies to. If Reasons is not set, this budget applies to all methods.\nOtherwise, this will apply to each reason defined.\nallowed reasons are Underutilized, Empty, and Drifted." - items: - description: "DisruptionReason defines valid reasons for disruption budgets." - enum: - - "Underutilized" - - "Empty" - - "Drifted" - type: "string" - type: "array" schedule: description: "Schedule specifies when a budget begins being active, following\nthe upstream cronjob syntax. If omitted, the budget is always active.\nTimezones are not supported.\nThis field is required if Duration is set." pattern: "^(@(annually|yearly|monthly|weekly|daily|midnight|hourly))|((.+)\\s(.+)\\s(.+)\\s(.+)\\s(.+))$" @@ -154,6 +144,8 @@ spec: rule: "self.all(x, x != \"karpenter.sh/nodepool\")" - message: "label \"kubernetes.io/hostname\" is restricted" rule: "self.all(x, x != \"kubernetes.io/hostname\")" + - message: "label domain \"karpenter.k8s.aws\" is restricted" + rule: "self.all(x, x in [\"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\",\"karpenter.k8s.aws/instance-cpu-manufacturer\",\"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !x.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\"))" type: "object" spec: description: "NodeClaimSpec describes the desired state of the NodeClaim" @@ -287,6 +279,8 @@ spec: rule: "self != \"karpenter.sh/nodepool\"" - message: "label \"kubernetes.io/hostname\" is restricted" rule: "self != \"kubernetes.io/hostname\"" + - message: "label domain \"karpenter.k8s.aws\" is restricted" + rule: "self in [\"karpenter.k8s.aws/instance-encryption-in-transit-supported\", \"karpenter.k8s.aws/instance-category\", \"karpenter.k8s.aws/instance-hypervisor\", \"karpenter.k8s.aws/instance-family\", \"karpenter.k8s.aws/instance-generation\", \"karpenter.k8s.aws/instance-local-nvme\", \"karpenter.k8s.aws/instance-size\", \"karpenter.k8s.aws/instance-cpu\",\"karpenter.k8s.aws/instance-cpu-manufacturer\",\"karpenter.k8s.aws/instance-memory\", \"karpenter.k8s.aws/instance-ebs-bandwidth\", \"karpenter.k8s.aws/instance-network-bandwidth\", \"karpenter.k8s.aws/instance-gpu-name\", \"karpenter.k8s.aws/instance-gpu-manufacturer\", \"karpenter.k8s.aws/instance-gpu-count\", \"karpenter.k8s.aws/instance-gpu-memory\", \"karpenter.k8s.aws/instance-accelerator-name\", \"karpenter.k8s.aws/instance-accelerator-manufacturer\", \"karpenter.k8s.aws/instance-accelerator-count\"] || !self.find(\"^([^/]+)\").endsWith(\"karpenter.k8s.aws\")" minValues: description: "This field is ALPHA and can be dropped or replaced at any time\nMinValues is the minimum number of unique values required to define the flexibility of the specific requirement." maximum: 50.0 diff --git a/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml b/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml index 162dcc2b0..00356d07b 100644 --- a/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml +++ b/crd-catalog/cert-manager/cert-manager/acme.cert-manager.io/v1/challenges.yaml @@ -446,6 +446,700 @@ spec: - "name" type: "object" type: "array" + podTemplate: + description: "Optional pod template used to configure the ACME challenge solver pods\nused for HTTP01 challenges." + properties: + metadata: + description: "ObjectMeta overrides for the pod used to solve HTTP01 challenges.\nOnly the 'labels' and 'annotations' fields may be set.\nIf labels or annotations overlap with in-built values, the values here\nwill override the in-built values." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations that should be added to the create ACME HTTP01 solver pods." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels that should be added to the created ACME HTTP01 solver pods." + type: "object" + type: "object" + spec: + description: "PodSpec defines overrides for the HTTP01 challenge solver pod.\nCheck ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields.\nAll other fields will be ignored." + properties: + affinity: + description: "If specified, the pod's scheduling constraints" + properties: + nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + properties: + preference: + description: "A node selector term, associated with the corresponding weight." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + x-kubernetes-map-type: "atomic" + weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." + format: "int32" + type: "integer" + required: + - "preference" + - "weight" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." + properties: + nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." + items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "nodeSelectorTerms" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + type: "object" + imagePullSecrets: + description: "If specified, the pod's imagePullSecrets" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + nodeSelector: + additionalProperties: + type: "string" + description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: "object" + priorityClassName: + description: "If specified, the pod's priorityClassName." + type: "string" + securityContext: + description: "If specified, the pod's security context" + properties: + fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" + runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." + type: "boolean" + runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." + properties: + level: + description: "Level is SELinux level label that applies to the container." + type: "string" + role: + description: "Role is a SELinux role label that applies to the container." + type: "string" + type: + description: "Type is a SELinux type label that applies to the container." + type: "string" + user: + description: "User is a SELinux user label that applies to the container." + type: "string" + type: "object" + seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" + type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + type: "string" + required: + - "type" + type: "object" + supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + items: + format: "int64" + type: "integer" + type: "array" + sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." + items: + description: "Sysctl defines a kernel parameter to be set" + properties: + name: + description: "Name of a property to set" + type: "string" + value: + description: "Value of a property to set" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + type: "object" + serviceAccountName: + description: "If specified, the pod's service account" + type: "string" + tolerations: + description: "If specified, the pod's tolerations." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" + type: "object" + type: "object" serviceType: description: "Optional service type for Kubernetes solver service. Supported values\nare NodePort or ClusterIP. If unset, defaults to NodePort." type: "string" @@ -1074,6 +1768,78 @@ spec: priorityClassName: description: "If specified, the pod's priorityClassName." type: "string" + securityContext: + description: "If specified, the pod's security context" + properties: + fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" + runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." + type: "boolean" + runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." + properties: + level: + description: "Level is SELinux level label that applies to the container." + type: "string" + role: + description: "Role is a SELinux role label that applies to the container." + type: "string" + type: + description: "Type is a SELinux type label that applies to the container." + type: "string" + user: + description: "User is a SELinux user label that applies to the container." + type: "string" + type: "object" + seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" + type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + type: "string" + required: + - "type" + type: "object" + supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + items: + format: "int64" + type: "integer" + type: "array" + sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." + items: + description: "Sysctl defines a kernel parameter to be set" + properties: + name: + description: "Name of a property to set" + type: "string" + value: + description: "Value of a property to set" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + type: "object" serviceAccountName: description: "If specified, the pod's service account" type: "string" diff --git a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml index 08279ed66..6e478d557 100644 --- a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml +++ b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/clusterissuers.yaml @@ -488,6 +488,700 @@ spec: - "name" type: "object" type: "array" + podTemplate: + description: "Optional pod template used to configure the ACME challenge solver pods\nused for HTTP01 challenges." + properties: + metadata: + description: "ObjectMeta overrides for the pod used to solve HTTP01 challenges.\nOnly the 'labels' and 'annotations' fields may be set.\nIf labels or annotations overlap with in-built values, the values here\nwill override the in-built values." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations that should be added to the create ACME HTTP01 solver pods." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels that should be added to the created ACME HTTP01 solver pods." + type: "object" + type: "object" + spec: + description: "PodSpec defines overrides for the HTTP01 challenge solver pod.\nCheck ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields.\nAll other fields will be ignored." + properties: + affinity: + description: "If specified, the pod's scheduling constraints" + properties: + nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + properties: + preference: + description: "A node selector term, associated with the corresponding weight." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + x-kubernetes-map-type: "atomic" + weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." + format: "int32" + type: "integer" + required: + - "preference" + - "weight" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." + properties: + nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." + items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "nodeSelectorTerms" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + type: "object" + imagePullSecrets: + description: "If specified, the pod's imagePullSecrets" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + nodeSelector: + additionalProperties: + type: "string" + description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: "object" + priorityClassName: + description: "If specified, the pod's priorityClassName." + type: "string" + securityContext: + description: "If specified, the pod's security context" + properties: + fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" + runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." + type: "boolean" + runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." + properties: + level: + description: "Level is SELinux level label that applies to the container." + type: "string" + role: + description: "Role is a SELinux role label that applies to the container." + type: "string" + type: + description: "Type is a SELinux type label that applies to the container." + type: "string" + user: + description: "User is a SELinux user label that applies to the container." + type: "string" + type: "object" + seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" + type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + type: "string" + required: + - "type" + type: "object" + supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + items: + format: "int64" + type: "integer" + type: "array" + sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." + items: + description: "Sysctl defines a kernel parameter to be set" + properties: + name: + description: "Name of a property to set" + type: "string" + value: + description: "Value of a property to set" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + type: "object" + serviceAccountName: + description: "If specified, the pod's service account" + type: "string" + tolerations: + description: "If specified, the pod's tolerations." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" + type: "object" + type: "object" serviceType: description: "Optional service type for Kubernetes solver service. Supported values\nare NodePort or ClusterIP. If unset, defaults to NodePort." type: "string" @@ -1116,6 +1810,78 @@ spec: priorityClassName: description: "If specified, the pod's priorityClassName." type: "string" + securityContext: + description: "If specified, the pod's security context" + properties: + fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" + runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." + type: "boolean" + runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." + properties: + level: + description: "Level is SELinux level label that applies to the container." + type: "string" + role: + description: "Role is a SELinux role label that applies to the container." + type: "string" + type: + description: "Type is a SELinux type label that applies to the container." + type: "string" + user: + description: "User is a SELinux user label that applies to the container." + type: "string" + type: "object" + seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" + type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + type: "string" + required: + - "type" + type: "object" + supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + items: + format: "int64" + type: "integer" + type: "array" + sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." + items: + description: "Sysctl defines a kernel parameter to be set" + properties: + name: + description: "Name of a property to set" + type: "string" + value: + description: "Value of a property to set" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + type: "object" serviceAccountName: description: "If specified, the pod's service account" type: "string" diff --git a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml index d0e3bc9dc..94016e47b 100644 --- a/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml +++ b/crd-catalog/cert-manager/cert-manager/cert-manager.io/v1/issuers.yaml @@ -489,6 +489,700 @@ spec: - "name" type: "object" type: "array" + podTemplate: + description: "Optional pod template used to configure the ACME challenge solver pods\nused for HTTP01 challenges." + properties: + metadata: + description: "ObjectMeta overrides for the pod used to solve HTTP01 challenges.\nOnly the 'labels' and 'annotations' fields may be set.\nIf labels or annotations overlap with in-built values, the values here\nwill override the in-built values." + properties: + annotations: + additionalProperties: + type: "string" + description: "Annotations that should be added to the create ACME HTTP01 solver pods." + type: "object" + labels: + additionalProperties: + type: "string" + description: "Labels that should be added to the created ACME HTTP01 solver pods." + type: "object" + type: "object" + spec: + description: "PodSpec defines overrides for the HTTP01 challenge solver pod.\nCheck ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields.\nAll other fields will be ignored." + properties: + affinity: + description: "If specified, the pod's scheduling constraints" + properties: + nodeAffinity: + description: "Describes node affinity scheduling rules for the pod." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node matches the corresponding matchExpressions; the\nnode(s) with the highest sum are the most preferred." + items: + description: "An empty preferred scheduling term matches all objects with implicit weight 0\n(i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op)." + properties: + preference: + description: "A node selector term, associated with the corresponding weight." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + x-kubernetes-map-type: "atomic" + weight: + description: "Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100." + format: "int32" + type: "integer" + required: + - "preference" + - "weight" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." + properties: + nodeSelectorTerms: + description: "Required. A list of node selector terms. The terms are ORed." + items: + description: "A null or empty node selector term matches no objects. The requirements of\nthem are ANDed.\nThe TopologySelectorTerm type implements a subset of the NodeSelectorTerm." + properties: + matchExpressions: + description: "A list of node selector requirements by node's labels." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchFields: + description: "A list of node selector requirements by node's fields." + items: + description: "A node selector requirement is a selector that contains values, a key, and an operator\nthat relates the key and values." + properties: + key: + description: "The label key that the selector applies to." + type: "string" + operator: + description: "Represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt." + type: "string" + values: + description: "An array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. If the operator is Gt or Lt, the values\narray must have a single element, which will be interpreted as an integer.\nThis array is replaced during a strategic merge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "nodeSelectorTerms" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + podAffinity: + description: "Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + podAntiAffinity: + description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." + properties: + preferredDuringSchedulingIgnoredDuringExecution: + description: "The scheduler will prefer to schedule pods to nodes that satisfy\nthe anti-affinity expressions specified by this field, but it may choose\na node that violates one or more of the expressions. The node that is\nmost preferred is the one with the greatest sum of weights, i.e.\nfor each node that meets all of the scheduling requirements (resource\nrequest, requiredDuringScheduling anti-affinity expressions, etc.),\ncompute a sum by iterating through the elements of this field and adding\n\"weight\" to the sum if the node has pods which matches the corresponding podAffinityTerm; the\nnode(s) with the highest sum are the most preferred." + items: + description: "The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s)" + properties: + podAffinityTerm: + description: "Required. A pod affinity term, associated with the corresponding weight." + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + weight: + description: "weight associated with matching the corresponding podAffinityTerm,\nin the range 1-100." + format: "int32" + type: "integer" + required: + - "podAffinityTerm" + - "weight" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + requiredDuringSchedulingIgnoredDuringExecution: + description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." + items: + description: "Defines a set of pods (namely those matching the labelSelector\nrelative to the given namespace(s)) that this pod should be\nco-located (affinity) or not co-located (anti-affinity) with,\nwhere co-located is defined as running on a node whose value of\nthe label with key matches that of any node on which\na pod of the set of pods is running" + properties: + labelSelector: + description: "A label query over a set of resources, in this case pods.\nIf it's null, this PodAffinityTerm matches with no Pods." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + matchLabelKeys: + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + mismatchLabelKeys: + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + namespaceSelector: + description: "A label query over the set of namespaces that the term applies to.\nThe term is applied to the union of the namespaces selected by this field\nand the ones listed in the namespaces field.\nnull selector and null or empty namespaces list means \"this pod's namespace\".\nAn empty selector ({}) matches all namespaces." + properties: + matchExpressions: + description: "matchExpressions is a list of label selector requirements. The requirements are ANDed." + items: + description: "A label selector requirement is a selector that contains values, a key, and an operator that\nrelates the key and values." + properties: + key: + description: "key is the label key that the selector applies to." + type: "string" + operator: + description: "operator represents a key's relationship to a set of values.\nValid operators are In, NotIn, Exists and DoesNotExist." + type: "string" + values: + description: "values is an array of string values. If the operator is In or NotIn,\nthe values array must be non-empty. If the operator is Exists or DoesNotExist,\nthe values array must be empty. This array is replaced during a strategic\nmerge patch." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "key" + - "operator" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + matchLabels: + additionalProperties: + type: "string" + description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels\nmap is equivalent to an element of matchExpressions, whose key field is \"key\", the\noperator is \"In\", and the values array contains only \"value\". The requirements are ANDed." + type: "object" + type: "object" + x-kubernetes-map-type: "atomic" + namespaces: + description: "namespaces specifies a static list of namespace names that the term applies to.\nThe term is applied to the union of the namespaces listed in this field\nand the ones selected by namespaceSelector.\nnull or empty namespaces list and null namespaceSelector means \"this pod's namespace\"." + items: + type: "string" + type: "array" + x-kubernetes-list-type: "atomic" + topologyKey: + description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." + type: "string" + required: + - "topologyKey" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + type: "object" + type: "object" + imagePullSecrets: + description: "If specified, the pod's imagePullSecrets" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + nodeSelector: + additionalProperties: + type: "string" + description: "NodeSelector is a selector which must be true for the pod to fit on a node.\nSelector which must match a node's labels for the pod to be scheduled on that node.\nMore info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" + type: "object" + priorityClassName: + description: "If specified, the pod's priorityClassName." + type: "string" + securityContext: + description: "If specified, the pod's security context" + properties: + fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" + runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." + type: "boolean" + runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." + properties: + level: + description: "Level is SELinux level label that applies to the container." + type: "string" + role: + description: "Role is a SELinux role label that applies to the container." + type: "string" + type: + description: "Type is a SELinux type label that applies to the container." + type: "string" + user: + description: "User is a SELinux user label that applies to the container." + type: "string" + type: "object" + seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" + type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + type: "string" + required: + - "type" + type: "object" + supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + items: + format: "int64" + type: "integer" + type: "array" + sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." + items: + description: "Sysctl defines a kernel parameter to be set" + properties: + name: + description: "Name of a property to set" + type: "string" + value: + description: "Value of a property to set" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + type: "object" + serviceAccountName: + description: "If specified, the pod's service account" + type: "string" + tolerations: + description: "If specified, the pod's tolerations." + items: + description: "The pod this Toleration is attached to tolerates any taint that matches\nthe triple using the matching operator ." + properties: + effect: + description: "Effect indicates the taint effect to match. Empty means match all taint effects.\nWhen specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute." + type: "string" + key: + description: "Key is the taint key that the toleration applies to. Empty means match all taint keys.\nIf the key is empty, operator must be Exists; this combination means to match all values and all keys." + type: "string" + operator: + description: "Operator represents a key's relationship to the value.\nValid operators are Exists and Equal. Defaults to Equal.\nExists is equivalent to wildcard for value, so that a pod can\ntolerate all taints of a particular category." + type: "string" + tolerationSeconds: + description: "TolerationSeconds represents the period of time the toleration (which must be\nof effect NoExecute, otherwise this field is ignored) tolerates the taint. By default,\nit is not set, which means tolerate the taint forever (do not evict). Zero and\nnegative values will be treated as 0 (evict immediately) by the system." + format: "int64" + type: "integer" + value: + description: "Value is the taint value the toleration matches to.\nIf the operator is Exists, the value should be empty, otherwise just a regular string." + type: "string" + type: "object" + type: "array" + type: "object" + type: "object" serviceType: description: "Optional service type for Kubernetes solver service. Supported values\nare NodePort or ClusterIP. If unset, defaults to NodePort." type: "string" @@ -1117,6 +1811,78 @@ spec: priorityClassName: description: "If specified, the pod's priorityClassName." type: "string" + securityContext: + description: "If specified, the pod's security context" + properties: + fsGroup: + description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + fsGroupChangePolicy: + description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume\nbefore being exposed inside Pod. This field will only apply to\nvolume types which support fsGroup based ownership(and permissions).\nIt will have no effect on ephemeral volume types such as: secret, configmaps\nand emptydir.\nValid values are \"OnRootMismatch\" and \"Always\". If not specified, \"Always\" is used.\nNote that this field cannot be set when spec.os.name is windows." + type: "string" + runAsGroup: + description: "The GID to run the entrypoint of the container process.\nUses runtime default if unset.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + runAsNonRoot: + description: "Indicates that the container must run as a non-root user.\nIf true, the Kubelet will validate the image at runtime to ensure that it\ndoes not run as UID 0 (root) and fail to start the container if it does.\nIf unset or false, no such validation will be performed.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence." + type: "boolean" + runAsUser: + description: "The UID to run the entrypoint of the container process.\nDefaults to user specified in image metadata if unspecified.\nMay also be set in SecurityContext. If set in both SecurityContext and\nPodSecurityContext, the value specified in SecurityContext takes precedence\nfor that container.\nNote that this field cannot be set when spec.os.name is windows." + format: "int64" + type: "integer" + seLinuxOptions: + description: "The SELinux context to be applied to all containers.\nIf unspecified, the container runtime will allocate a random SELinux context for each\ncontainer. May also be set in SecurityContext. If set in\nboth SecurityContext and PodSecurityContext, the value specified in SecurityContext\ntakes precedence for that container.\nNote that this field cannot be set when spec.os.name is windows." + properties: + level: + description: "Level is SELinux level label that applies to the container." + type: "string" + role: + description: "Role is a SELinux role label that applies to the container." + type: "string" + type: + description: "Type is a SELinux type label that applies to the container." + type: "string" + user: + description: "User is a SELinux user label that applies to the container." + type: "string" + type: "object" + seccompProfile: + description: "The seccomp options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile defined in a file on the node should be used.\nThe profile must be preconfigured on the node to work.\nMust be a descending path, relative to the kubelet's configured seccomp profile location.\nMust be set if type is \"Localhost\". Must NOT be set for any other type." + type: "string" + type: + description: "type indicates which kind of seccomp profile will be applied.\nValid options are:\n\n\nLocalhost - a profile defined in a file on the node should be used.\nRuntimeDefault - the container runtime default profile should be used.\nUnconfined - no profile should be applied." + type: "string" + required: + - "type" + type: "object" + supplementalGroups: + description: "A list of groups applied to the first process run in each container, in addition\nto the container's primary GID, the fsGroup (if specified), and group memberships\ndefined in the container image for the uid of the container process. If unspecified,\nno additional groups are added to any container. Note that group memberships\ndefined in the container image for the uid of the container process are still effective,\neven if they are not included in this list.\nNote that this field cannot be set when spec.os.name is windows." + items: + format: "int64" + type: "integer" + type: "array" + sysctls: + description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." + items: + description: "Sysctl defines a kernel parameter to be set" + properties: + name: + description: "Name of a property to set" + type: "string" + value: + description: "Value of a property to set" + type: "string" + required: + - "name" + - "value" + type: "object" + type: "array" + type: "object" serviceAccountName: description: "If specified, the pod's service account" type: "string" diff --git a/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml b/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml index 03a432bd6..d172b8ff7 100644 --- a/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml +++ b/crd-catalog/eclipse-che/che-operator/org.eclipse.che/v2/checlusters.yaml @@ -16,7 +16,7 @@ spec: - name: "v2" schema: openAPIV3Schema: - description: "The `CheCluster` custom resource allows defining and managing Eclipse Che server installation.\nBased on these settings, the Operator automatically creates and maintains several ConfigMaps:\n`che`, `plugin-registry`, `devfile-registry` that will contain the appropriate environment variables\nof the various components of the installation. These generated ConfigMaps must NOT be updated manually." + description: "The `CheCluster` custom resource allows defining and managing Eclipse Che server installation.\nBased on these settings, the Operator automatically creates and maintains several ConfigMaps:\n`che`, `plugin-registry` that will contain the appropriate environment variables\nof the various components of the installation. These generated ConfigMaps must NOT be updated manually." properties: apiVersion: description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" @@ -453,7 +453,7 @@ spec: description: "Configuration settings related to the devfile registry used by the Che installation." properties: deployment: - description: "Deployment override options." + description: "Deprecated deployment override options." properties: containers: description: "List of containers belonging to the pod." @@ -2854,7 +2854,7 @@ spec: description: "Currently installed Che version." type: "string" devfileRegistryURL: - description: "The public URL of the internal devfile registry." + description: "Deprecated the public URL of the internal devfile registry." type: "string" gatewayPhase: description: "Specifies the current phase of the gateway deployment." diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml index 7bb4db460..e889f0850 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/clustersecretstores.yaml @@ -528,6 +528,118 @@ spec: required: - "vaultUrl" type: "object" + beyondtrust: + description: "Beyondtrust configures this store to sync secrets using Password Safe provider." + properties: + auth: + description: "Auth configures how the operator authenticates with Beyondtrust." + properties: + certificate: + description: "Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate." + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + certificateKey: + description: "Certificate private key (key.pem). For use when authenticating with an OAuth client Id" + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + clientId: + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + clientSecret: + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + required: + - "clientId" + - "clientSecret" + type: "object" + server: + description: "Auth configures how API server works." + properties: + apiUrl: + type: "string" + clientTimeOutSeconds: + description: "Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds." + type: "integer" + retrievalType: + description: "The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system." + type: "string" + separator: + description: "A character that separates the folder names." + type: "string" + verifyCA: + type: "boolean" + required: + - "apiUrl" + - "verifyCA" + type: "object" + required: + - "auth" + - "server" + type: "object" bitwardensecretsmanager: description: "BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider" properties: diff --git a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml index 56bc1404f..f46f5c91f 100644 --- a/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml +++ b/crd-catalog/external-secrets/external-secrets/external-secrets.io/v1beta1/secretstores.yaml @@ -528,6 +528,118 @@ spec: required: - "vaultUrl" type: "object" + beyondtrust: + description: "Beyondtrust configures this store to sync secrets using Password Safe provider." + properties: + auth: + description: "Auth configures how the operator authenticates with Beyondtrust." + properties: + certificate: + description: "Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate." + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + certificateKey: + description: "Certificate private key (key.pem). For use when authenticating with an OAuth client Id" + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + clientId: + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + clientSecret: + properties: + secretRef: + description: "SecretRef references a key in a secret that will be used as value." + properties: + key: + description: "The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be\ndefaulted, in others it may be required." + type: "string" + name: + description: "The name of the Secret resource being referred to." + type: "string" + namespace: + description: "Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults\nto the namespace of the referent." + type: "string" + type: "object" + value: + description: "Value can be specified directly to set a value without using a secret." + type: "string" + type: "object" + required: + - "clientId" + - "clientSecret" + type: "object" + server: + description: "Auth configures how API server works." + properties: + apiUrl: + type: "string" + clientTimeOutSeconds: + description: "Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds." + type: "integer" + retrievalType: + description: "The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system." + type: "string" + separator: + description: "A character that separates the folder names." + type: "string" + verifyCA: + type: "boolean" + required: + - "apiUrl" + - "verifyCA" + type: "object" + required: + - "auth" + - "server" + type: "object" bitwardensecretsmanager: description: "BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider" properties: diff --git a/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/alluxioruntimes.yaml b/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/alluxioruntimes.yaml index 1185f8d9e..fcd6be23a 100644 --- a/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/alluxioruntimes.yaml +++ b/crd-catalog/fluid-cloudnative/fluid/data.fluid.io/v1alpha1/alluxioruntimes.yaml @@ -98,6 +98,17 @@ spec: type: "string" description: "Environment variables that will be used by Alluxio component.
" type: "object" + imagePullSecrets: + description: "ImagePullSecrets that will be used to pull images" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" jvmOptions: description: "Options for JVM" items: @@ -246,6 +257,17 @@ spec: imagePullPolicy: description: "One of the three policies: `Always`, `IfNotPresent`, `Never`" type: "string" + imagePullSecrets: + description: "ImagePullSecrets that will be used to pull images" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" imageTag: description: "Image Tag for Alluxio Fuse(e.g. 2.3.0-SNAPSHOT)" type: "string" @@ -354,6 +376,17 @@ spec: hadoopConfig: description: "Name of the configMap used to support HDFS configurations when using HDFS as Alluxio's UFS. The configMap\nmust be in the same namespace with the AlluxioRuntime. The configMap should contain user-specific HDFS conf files in it.\nFor now, only \"hdfs-site.xml\" and \"core-site.xml\" are supported. It must take the filename of the conf file as the key and content\nof the file as the value." type: "string" + imagePullSecrets: + description: "ImagePullSecrets that will be used to pull images" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" initUsers: description: "The spec of init users" properties: @@ -420,6 +453,17 @@ spec: type: "string" description: "Environment variables that will be used by Alluxio component.
" type: "object" + imagePullSecrets: + description: "ImagePullSecrets that will be used to pull images" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" jvmOptions: description: "Options for JVM" items: @@ -543,6 +587,17 @@ spec: type: "string" description: "Environment variables that will be used by Alluxio component.
" type: "object" + imagePullSecrets: + description: "ImagePullSecrets that will be used to pull images" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" jvmOptions: description: "Options for JVM" items: @@ -697,6 +752,17 @@ spec: type: "string" description: "Environment variables that will be used by Alluxio component.
" type: "object" + imagePullSecrets: + description: "ImagePullSecrets that will be used to pull images" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" jvmOptions: description: "Options for JVM" items: @@ -2882,6 +2948,17 @@ spec: type: "string" description: "Environment variables that will be used by Alluxio component.
" type: "object" + imagePullSecrets: + description: "ImagePullSecrets that will be used to pull images" + items: + description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." + properties: + name: + description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + type: "string" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" jvmOptions: description: "Options for JVM" items: diff --git a/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml b/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml index d63831f28..112ba5819 100644 --- a/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml +++ b/crd-catalog/fluxcd/source-controller/source.toolkit.fluxcd.io/v1beta2/buckets.yaml @@ -118,6 +118,22 @@ spec: required: - "name" type: "object" + sts: + description: "STS specifies the required configuration to use a Security Token\nService for fetching temporary credentials to authenticate in a\nBucket provider.\n\n\nThis field is only supported for the `aws` provider." + properties: + endpoint: + description: "Endpoint is the HTTP/S endpoint of the Security Token Service from\nwhere temporary credentials will be fetched." + pattern: "^(http|https)://.*$" + type: "string" + provider: + description: "Provider of the Security Token Service." + enum: + - "aws" + type: "string" + required: + - "endpoint" + - "provider" + type: "object" suspend: description: "Suspend tells the controller to suspend the reconciliation of this\nBucket." type: "boolean" @@ -131,6 +147,11 @@ spec: - "endpoint" - "interval" type: "object" + x-kubernetes-validations: + - message: "STS configuration is only supported for the 'aws' Bucket provider" + rule: "self.provider == 'aws' || !has(self.sts)" + - message: "'aws' is the only supported STS provider for the 'aws' Bucket provider" + rule: "self.provider != 'aws' || !has(self.sts) || self.sts.provider == 'aws'" status: default: observedGeneration: -1 diff --git a/crd-catalog/jaegertracing/jaeger-operator/jaegertracing.io/v1/jaegers.yaml b/crd-catalog/jaegertracing/jaeger-operator/jaegertracing.io/v1/jaegers.yaml index 4f69331f3..66eba91e5 100644 --- a/crd-catalog/jaegertracing/jaeger-operator/jaegertracing.io/v1/jaegers.yaml +++ b/crd-catalog/jaegertracing/jaeger-operator/jaegertracing.io/v1/jaegers.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.12.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "jaegers.jaegertracing.io" spec: group: "jaegertracing.io" diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml index 4cfb7988d..6545461c9 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/clusterpropagationpolicies.yaml @@ -85,6 +85,10 @@ spec: purgeMode: default: "Graciously" description: "PurgeMode represents how to deal with the legacy applications on the\ncluster from which the application is migrated.\nValid options are \"Immediately\", \"Graciously\" and \"Never\".\nDefaults to \"Graciously\"." + enum: + - "Immediately" + - "Graciously" + - "Never" type: "string" required: - "decisionConditions" @@ -486,6 +490,22 @@ spec: default: "default-scheduler" description: "SchedulerName represents which scheduler to proceed the scheduling.\nIf specified, the policy will be dispatched by specified scheduler.\nIf not specified, the policy will be dispatched by default scheduler." type: "string" + suspension: + description: "Suspension declares the policy for suspending different aspects of propagation.\nnil means no suspension. no default values." + properties: + dispatching: + description: "Dispatching controls whether dispatching should be suspended.\nnil means not suspend, no default value, only accepts 'true'.\nNote: true means stop propagating to all clusters. Can not co-exist\nwith DispatchingOnClusters which is used to suspend particular clusters." + type: "boolean" + dispatchingOnClusters: + description: "DispatchingOnClusters declares a list of clusters to which the dispatching\nshould be suspended.\nNote: Can not co-exist with Dispatching which is used to suspend all." + properties: + clusterNames: + description: "ClusterNames is the list of clusters to be selected." + items: + type: "string" + type: "array" + type: "object" + type: "object" required: - "resourceSelectors" type: "object" diff --git a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml index 9c69d3a68..8435a1334 100644 --- a/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml +++ b/crd-catalog/karmada-io/karmada/policy.karmada.io/v1alpha1/propagationpolicies.yaml @@ -85,6 +85,10 @@ spec: purgeMode: default: "Graciously" description: "PurgeMode represents how to deal with the legacy applications on the\ncluster from which the application is migrated.\nValid options are \"Immediately\", \"Graciously\" and \"Never\".\nDefaults to \"Graciously\"." + enum: + - "Immediately" + - "Graciously" + - "Never" type: "string" required: - "decisionConditions" @@ -486,6 +490,22 @@ spec: default: "default-scheduler" description: "SchedulerName represents which scheduler to proceed the scheduling.\nIf specified, the policy will be dispatched by specified scheduler.\nIf not specified, the policy will be dispatched by default scheduler." type: "string" + suspension: + description: "Suspension declares the policy for suspending different aspects of propagation.\nnil means no suspension. no default values." + properties: + dispatching: + description: "Dispatching controls whether dispatching should be suspended.\nnil means not suspend, no default value, only accepts 'true'.\nNote: true means stop propagating to all clusters. Can not co-exist\nwith DispatchingOnClusters which is used to suspend particular clusters." + type: "boolean" + dispatchingOnClusters: + description: "DispatchingOnClusters declares a list of clusters to which the dispatching\nshould be suspended.\nNote: Can not co-exist with Dispatching which is used to suspend all." + properties: + clusterNames: + description: "ClusterNames is the list of clusters to be selected." + items: + type: "string" + type: "array" + type: "object" + type: "object" required: - "resourceSelectors" type: "object" diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml index 9bdb0404d..99a382f33 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha1/works.yaml @@ -43,6 +43,9 @@ spec: spec: description: "Spec represents the desired behavior of Work." properties: + suspendDispatching: + description: "SuspendDispatching controls whether dispatching should\nbe suspended, nil means not suspend.\nNote: true means stop propagating to all clusters." + type: "boolean" workload: description: "Workload represents the manifest workload to be deployed on managed cluster." properties: diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml index d1f0db37b..151512b41 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/clusterresourcebindings.yaml @@ -88,6 +88,10 @@ spec: purgeMode: default: "Graciously" description: "PurgeMode represents how to deal with the legacy applications on the\ncluster from which the application is migrated.\nValid options are \"Immediately\", \"Graciously\" and \"Never\".\nDefaults to \"Graciously\"." + enum: + - "Immediately" + - "Graciously" + - "Never" type: "string" required: - "decisionConditions" @@ -640,6 +644,22 @@ spec: schedulerName: description: "SchedulerName represents which scheduler to proceed the scheduling.\nIt inherits directly from the associated PropagationPolicy(or ClusterPropagationPolicy)." type: "string" + suspension: + description: "Suspension declares the policy for suspending different aspects of propagation.\nnil means no suspension. no default values." + properties: + dispatching: + description: "Dispatching controls whether dispatching should be suspended.\nnil means not suspend, no default value, only accepts 'true'.\nNote: true means stop propagating to all clusters. Can not co-exist\nwith DispatchingOnClusters which is used to suspend particular clusters." + type: "boolean" + dispatchingOnClusters: + description: "DispatchingOnClusters declares a list of clusters to which the dispatching\nshould be suspended.\nNote: Can not co-exist with Dispatching which is used to suspend all." + properties: + clusterNames: + description: "ClusterNames is the list of clusters to be selected." + items: + type: "string" + type: "array" + type: "object" + type: "object" required: - "resource" type: "object" diff --git a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml index 8072033fc..29d61ec7c 100644 --- a/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml +++ b/crd-catalog/karmada-io/karmada/work.karmada.io/v1alpha2/resourcebindings.yaml @@ -88,6 +88,10 @@ spec: purgeMode: default: "Graciously" description: "PurgeMode represents how to deal with the legacy applications on the\ncluster from which the application is migrated.\nValid options are \"Immediately\", \"Graciously\" and \"Never\".\nDefaults to \"Graciously\"." + enum: + - "Immediately" + - "Graciously" + - "Never" type: "string" required: - "decisionConditions" @@ -640,6 +644,22 @@ spec: schedulerName: description: "SchedulerName represents which scheduler to proceed the scheduling.\nIt inherits directly from the associated PropagationPolicy(or ClusterPropagationPolicy)." type: "string" + suspension: + description: "Suspension declares the policy for suspending different aspects of propagation.\nnil means no suspension. no default values." + properties: + dispatching: + description: "Dispatching controls whether dispatching should be suspended.\nnil means not suspend, no default value, only accepts 'true'.\nNote: true means stop propagating to all clusters. Can not co-exist\nwith DispatchingOnClusters which is used to suspend particular clusters." + type: "boolean" + dispatchingOnClusters: + description: "DispatchingOnClusters declares a list of clusters to which the dispatching\nshould be suspended.\nNote: Can not co-exist with Dispatching which is used to suspend all." + properties: + clusterNames: + description: "ClusterNames is the list of clusters to be selected." + items: + type: "string" + type: "array" + type: "object" + type: "object" required: - "resource" type: "object" diff --git a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml index 74cf2e19f..da4e143c8 100644 --- a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml +++ b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/clustertriggerauthentications.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "clustertriggerauthentications.keda.sh" spec: group: "keda.sh" diff --git a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledjobs.yaml b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledjobs.yaml index fbf67de3b..00c90978e 100644 --- a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledjobs.yaml +++ b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledjobs.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "scaledjobs.keda.sh" spec: group: "keda.sh" diff --git a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml index de7a9d9f7..bc4a5168a 100644 --- a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml +++ b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/scaledobjects.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "scaledobjects.keda.sh" spec: group: "keda.sh" diff --git a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml index 1e5e3483c..b0368126a 100644 --- a/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml +++ b/crd-catalog/kedacore/keda/keda.sh/v1alpha1/triggerauthentications.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.14.0" + controller-gen.kubebuilder.io/version: "v0.15.0" name: "triggerauthentications.keda.sh" spec: group: "keda.sh" diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml index 3e19bb90c..7c29fe282 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngclusteroutputs.yaml @@ -1881,6 +1881,177 @@ spec: workers: type: "integer" type: "object" + opentelemetry: + properties: + auth: + properties: + adc: + type: "object" + alts: + properties: + target-service-accounts: + items: + type: "string" + type: "array" + type: "object" + insecure: + type: "object" + tls: + properties: + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + cert_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + key_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + type: "object" + type: "object" + batch-bytes: + type: "integer" + batch-lines: + type: "integer" + batch-timeout: + type: "integer" + channel_args: + additionalProperties: + type: "string" + type: "object" + compression: + type: "boolean" + disk_buffer: + properties: + compaction: + type: "boolean" + dir: + type: "string" + disk_buf_size: + format: "int64" + type: "integer" + mem_buf_length: + format: "int64" + type: "integer" + mem_buf_size: + format: "int64" + type: "integer" + q_out_size: + format: "int64" + type: "integer" + reliable: + type: "boolean" + required: + - "disk_buf_size" + - "reliable" + type: "object" + url: + type: "string" + required: + - "url" + type: "object" redis: properties: auth: diff --git a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml index e37a6def2..a25e37458 100644 --- a/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml +++ b/crd-catalog/kube-logging/logging-operator/logging.banzaicloud.io/v1beta1/syslogngoutputs.yaml @@ -1877,6 +1877,177 @@ spec: workers: type: "integer" type: "object" + opentelemetry: + properties: + auth: + properties: + adc: + type: "object" + alts: + properties: + target-service-accounts: + items: + type: "string" + type: "array" + type: "object" + insecure: + type: "object" + tls: + properties: + ca_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + cert_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + key_file: + properties: + mountFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + value: + type: "string" + valueFrom: + properties: + secretKeyRef: + properties: + key: + type: "string" + name: + default: "" + type: "string" + optional: + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + type: "object" + type: "object" + type: "object" + batch-bytes: + type: "integer" + batch-lines: + type: "integer" + batch-timeout: + type: "integer" + channel_args: + additionalProperties: + type: "string" + type: "object" + compression: + type: "boolean" + disk_buffer: + properties: + compaction: + type: "boolean" + dir: + type: "string" + disk_buf_size: + format: "int64" + type: "integer" + mem_buf_length: + format: "int64" + type: "integer" + mem_buf_size: + format: "int64" + type: "integer" + q_out_size: + format: "int64" + type: "integer" + reliable: + type: "boolean" + required: + - "disk_buf_size" + - "reliable" + type: "object" + url: + type: "string" + required: + - "url" + type: "object" redis: properties: auth: diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml index 8ca8485ef..2fca2c871 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1/httproutes.yaml @@ -1021,14 +1021,14 @@ spec: - message: "AbsoluteTimeout must be specified when cookie lifetimeType is Permanent" rule: "!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType != 'Permanent' || has(self.absoluteTimeout)" timeouts: - description: "Timeouts defines the timeouts that can be configured for an HTTP request.\n\n\nSupport: Extended\n\n\n" + description: "Timeouts defines the timeouts that can be configured for an HTTP request.\n\n\nSupport: Extended" properties: backendRequest: - description: "BackendRequest specifies a timeout for an individual request from the gateway\nto a backend. This covers the time from when the request first starts being\nsent from the gateway to when the full response has been received from the backend.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nAn entire client HTTP transaction with a gateway, covered by the Request timeout,\nmay result in more than one call from the gateway to the destination backend,\nfor example, if automatic retries are supported.\n\n\nBecause the Request timeout encompasses the BackendRequest timeout, the value of\nBackendRequest must be <= the value of Request timeout.\n\n\nSupport: Extended" + description: "BackendRequest specifies a timeout for an individual request from the gateway\nto a backend. This covers the time from when the request first starts being\nsent from the gateway to when the full response has been received from the backend.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nAn entire client HTTP transaction with a gateway, covered by the Request timeout,\nmay result in more than one call from the gateway to the destination backend,\nfor example, if automatic retries are supported.\n\n\nThe value of BackendRequest must be a Gateway API Duration string as defined by\nGEP-2257. When this field is unspecified, its behavior is implementation-specific;\nwhen specified, the value of BackendRequest must be no more than the value of the\nRequest timeout (since the Request timeout encompasses the BackendRequest timeout).\n\n\nSupport: Extended" pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" type: "string" request: - description: "Request specifies the maximum duration for a gateway to respond to an HTTP request.\nIf the gateway has not been able to respond before this deadline is met, the gateway\nMUST return a timeout error.\n\n\nFor example, setting the `rules.timeouts.request` field to the value `10s` in an\n`HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds\nto complete.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nThis timeout is intended to cover as close to the whole request-response transaction\nas possible although an implementation MAY choose to start the timeout after the entire\nrequest stream has been received instead of immediately after the transaction is\ninitiated by the client.\n\n\nWhen this field is unspecified, request timeout behavior is implementation-specific.\n\n\nSupport: Extended" + description: "Request specifies the maximum duration for a gateway to respond to an HTTP request.\nIf the gateway has not been able to respond before this deadline is met, the gateway\nMUST return a timeout error.\n\n\nFor example, setting the `rules.timeouts.request` field to the value `10s` in an\n`HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds\nto complete.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nThis timeout is intended to cover as close to the whole request-response transaction\nas possible although an implementation MAY choose to start the timeout after the entire\nrequest stream has been received instead of immediately after the transaction is\ninitiated by the client.\n\n\nThe value of Request is a Gateway API Duration string as defined by GEP-2257. When this\nfield is unspecified, request timeout behavior is implementation-specific.\n\n\nSupport: Extended" pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" type: "string" type: "object" diff --git a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml index 4463dd1e1..b0696bc3d 100644 --- a/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml +++ b/crd-catalog/kubernetes-sigs/gateway-api/gateway.networking.k8s.io/v1beta1/httproutes.yaml @@ -1021,14 +1021,14 @@ spec: - message: "AbsoluteTimeout must be specified when cookie lifetimeType is Permanent" rule: "!has(self.cookieConfig) || !has(self.cookieConfig.lifetimeType) || self.cookieConfig.lifetimeType != 'Permanent' || has(self.absoluteTimeout)" timeouts: - description: "Timeouts defines the timeouts that can be configured for an HTTP request.\n\n\nSupport: Extended\n\n\n" + description: "Timeouts defines the timeouts that can be configured for an HTTP request.\n\n\nSupport: Extended" properties: backendRequest: - description: "BackendRequest specifies a timeout for an individual request from the gateway\nto a backend. This covers the time from when the request first starts being\nsent from the gateway to when the full response has been received from the backend.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nAn entire client HTTP transaction with a gateway, covered by the Request timeout,\nmay result in more than one call from the gateway to the destination backend,\nfor example, if automatic retries are supported.\n\n\nBecause the Request timeout encompasses the BackendRequest timeout, the value of\nBackendRequest must be <= the value of Request timeout.\n\n\nSupport: Extended" + description: "BackendRequest specifies a timeout for an individual request from the gateway\nto a backend. This covers the time from when the request first starts being\nsent from the gateway to when the full response has been received from the backend.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nAn entire client HTTP transaction with a gateway, covered by the Request timeout,\nmay result in more than one call from the gateway to the destination backend,\nfor example, if automatic retries are supported.\n\n\nThe value of BackendRequest must be a Gateway API Duration string as defined by\nGEP-2257. When this field is unspecified, its behavior is implementation-specific;\nwhen specified, the value of BackendRequest must be no more than the value of the\nRequest timeout (since the Request timeout encompasses the BackendRequest timeout).\n\n\nSupport: Extended" pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" type: "string" request: - description: "Request specifies the maximum duration for a gateway to respond to an HTTP request.\nIf the gateway has not been able to respond before this deadline is met, the gateway\nMUST return a timeout error.\n\n\nFor example, setting the `rules.timeouts.request` field to the value `10s` in an\n`HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds\nto complete.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nThis timeout is intended to cover as close to the whole request-response transaction\nas possible although an implementation MAY choose to start the timeout after the entire\nrequest stream has been received instead of immediately after the transaction is\ninitiated by the client.\n\n\nWhen this field is unspecified, request timeout behavior is implementation-specific.\n\n\nSupport: Extended" + description: "Request specifies the maximum duration for a gateway to respond to an HTTP request.\nIf the gateway has not been able to respond before this deadline is met, the gateway\nMUST return a timeout error.\n\n\nFor example, setting the `rules.timeouts.request` field to the value `10s` in an\n`HTTPRoute` will cause a timeout if a client request is taking longer than 10 seconds\nto complete.\n\n\nSetting a timeout to the zero duration (e.g. \"0s\") SHOULD disable the timeout\ncompletely. Implementations that cannot completely disable the timeout MUST\ninstead interpret the zero duration as the longest possible value to which\nthe timeout can be set.\n\n\nThis timeout is intended to cover as close to the whole request-response transaction\nas possible although an implementation MAY choose to start the timeout after the entire\nrequest stream has been received instead of immediately after the transaction is\ninitiated by the client.\n\n\nThe value of Request is a Gateway API Duration string as defined by GEP-2257. When this\nfield is unspecified, request timeout behavior is implementation-specific.\n\n\nSupport: Extended" pattern: "^([0-9]{1,5}(h|m|s|ms)){1,4}$" type: "string" type: "object" diff --git a/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml b/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml index 6418efd2b..d64cae298 100644 --- a/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml +++ b/crd-catalog/kubernetes-sigs/jobset/jobset.x-k8s.io/v1alpha2/jobsets.yaml @@ -182,6 +182,9 @@ spec: description: "Specifies the desired number of successfully finished pods the\njob should be run with. Setting to null means that the success of any\npod signals the success of all pods, and allows parallelism to have any positive\nvalue. Setting to 1 means that parallelism is limited to 1 and the success of that\npod signals the success of the job.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/" format: "int32" type: "integer" + managedBy: + description: "ManagedBy field indicates the controller that manages a Job. The k8s Job\ncontroller reconciles jobs which don't have this field at all or the field\nvalue is the reserved string `kubernetes.io/job-controller`, but skips\nreconciling Jobs with a custom value for this field.\nThe value must be a valid domain-prefixed path (e.g. acme.io/foo) -\nall characters before the first \"/\" must be a valid subdomain as defined\nby RFC 1123. All characters trailing the first \"/\" must be valid HTTP Path\ncharacters as defined by RFC 3986. The value cannot exceed 64 characters.\n\n\nThis field is alpha-level. The job controller accepts setting the field\nwhen the feature gate JobManagedBy is enabled (disabled by default)." + type: "string" manualSelector: description: "manualSelector controls generation of pod labels and pod selectors.\nLeave `manualSelector` unset unless you are certain what you are doing.\nWhen false or unset, the system pick labels unique to this job\nand appends those labels to the pod template. When true,\nthe user is responsible for picking unique labels and specifying\nthe selector. Failure to pick a unique label may cause this\nand other jobs to not function correctly. However, You may see\n`manualSelector=true` in jobs that were created with the old `extensions/v1beta1`\nAPI.\nMore info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/#specifying-your-own-pod-selector" type: "boolean" @@ -271,11 +274,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -283,6 +288,27 @@ spec: type: "object" type: "object" x-kubernetes-map-type: "atomic" + successPolicy: + description: "successPolicy specifies the policy when the Job can be declared as succeeded.\nIf empty, the default behavior applies - the Job is declared as succeeded\nonly when the number of succeeded pods equals to the completions.\nWhen the field is specified, it must be immutable and works only for the Indexed Jobs.\nOnce the Job meets the SuccessPolicy, the lingering pods are terminated.\n\n\nThis field is alpha-level. To use this field, you must enable the\n`JobSuccessPolicy` feature gate (disabled by default)." + properties: + rules: + description: "rules represents the list of alternative rules for the declaring the Jobs\nas successful before `.status.succeeded >= .spec.completions`. Once any of the rules are met,\nthe \"SucceededCriteriaMet\" condition is added, and the lingering pods are removed.\nThe terminal state for such a Job has the \"Complete\" condition.\nAdditionally, these rules are evaluated in order; Once the Job meets one of the rules,\nother rules are ignored. At most 20 elements are allowed." + items: + description: "SuccessPolicyRule describes rule for declaring a Job as succeeded.\nEach rule must have at least one of the \"succeededIndexes\" or \"succeededCount\" specified." + properties: + succeededCount: + description: "succeededCount specifies the minimal required size of the actual set of the succeeded indexes\nfor the Job. When succeededCount is used along with succeededIndexes, the check is\nconstrained only to the set of indexes specified by succeededIndexes.\nFor example, given that succeededIndexes is \"1-4\", succeededCount is \"3\",\nand completed indexes are \"1\", \"3\", and \"5\", the Job isn't declared as succeeded\nbecause only \"1\" and \"3\" indexes are considered in that rules.\nWhen this field is null, this doesn't default to any value and\nis never evaluated at any time.\nWhen specified it needs to be a positive integer." + format: "int32" + type: "integer" + succeededIndexes: + description: "succeededIndexes specifies the set of indexes\nwhich need to be contained in the actual set of the succeeded indexes for the Job.\nThe list of indexes must be within 0 to \".spec.completions-1\" and\nmust not contain duplicates. At least one element is required.\nThe indexes are represented as intervals separated by commas.\nThe intervals can be a decimal integer or a pair of decimal integers separated by a hyphen.\nThe number are listed in represented by the first and last element of the series,\nseparated by a hyphen.\nFor example, if the completed indexes are 1, 3, 4, 5 and 7, they are\nrepresented as \"1,3-5,7\".\nWhen this field is null, this field doesn't default to any value\nand is never evaluated at any time." + type: "string" + type: "object" + type: "array" + x-kubernetes-list-type: "atomic" + required: + - "rules" + type: "object" suspend: description: "suspend specifies whether the Job controller should create Pods or not. If\na Job is created with suspend set to true, no Pods are created by the Job\ncontroller. If a Job is suspended after creation (i.e. the flag goes from\nfalse to true), the Job controller will delete all active Pods associated\nwith this Job. Users must design their workload to gracefully handle this.\nSuspending a Job will reset the StartTime field of the Job, effectively\nresetting the ActiveDeadlineSeconds timer too. Defaults to false." type: "boolean" @@ -346,11 +372,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -367,11 +395,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" weight: @@ -383,6 +413,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to an update), the system\nmay or may not try to eventually evict the pod from its node." properties: @@ -407,11 +438,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchFields: description: "A list of node selector requirements by node's fields." items: @@ -428,14 +461,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-type: "atomic" required: - "nodeSelectorTerms" type: "object" @@ -471,11 +507,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -484,13 +522,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -514,11 +552,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -531,6 +571,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -546,6 +587,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -570,11 +612,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -583,13 +627,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -613,11 +657,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -630,6 +676,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -637,6 +684,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" podAntiAffinity: description: "Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s))." @@ -668,11 +716,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -681,13 +731,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -711,11 +761,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -728,6 +780,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -743,6 +796,7 @@ spec: - "weight" type: "object" type: "array" + x-kubernetes-list-type: "atomic" requiredDuringSchedulingIgnoredDuringExecution: description: "If the anti-affinity requirements specified by this field are not met at\nscheduling time, the pod will not be scheduled onto the node.\nIf the anti-affinity requirements specified by this field cease to be met\nat some point during pod execution (e.g. due to a pod label update), the\nsystem may or may not try to eventually evict the pod from its node.\nWhen there are multiple elements, the lists of nodes corresponding to each\npodAffinityTerm are intersected, i.e. all terms must be satisfied." items: @@ -767,11 +821,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -780,13 +836,13 @@ spec: type: "object" x-kubernetes-map-type: "atomic" matchLabelKeys: - description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MatchLabelKeys and LabelSelector.\nAlso, MatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both matchLabelKeys and labelSelector.\nAlso, matchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" x-kubernetes-list-type: "atomic" mismatchLabelKeys: - description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both MismatchLabelKeys and LabelSelector.\nAlso, MismatchLabelKeys cannot be set when LabelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." + description: "MismatchLabelKeys is a set of pod label keys to select which pods will\nbe taken into consideration. The keys are used to lookup values from the\nincoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)`\nto select the group of existing pods which pods will be taken into consideration\nfor the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming\npod labels will be ignored. The default value is empty.\nThe same key is forbidden to exist in both mismatchLabelKeys and labelSelector.\nAlso, mismatchLabelKeys cannot be set when labelSelector isn't set.\nThis is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate." items: type: "string" type: "array" @@ -810,11 +866,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -827,6 +885,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" topologyKey: description: "This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching\nthe labelSelector in the specified namespaces, where co-located is defined as running on a node\nwhose value of the label with key topologyKey matches that of any node on which any of the\nselected pods is running.\nEmpty topologyKey is not allowed." type: "string" @@ -834,6 +893,7 @@ spec: - "topologyKey" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" type: "object" automountServiceAccountToken: @@ -849,11 +909,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -875,7 +937,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -924,7 +987,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -938,6 +1002,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -947,7 +1014,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -961,7 +1029,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -970,6 +1039,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -990,6 +1060,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1013,6 +1084,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1065,6 +1137,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1088,6 +1161,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1141,6 +1215,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1181,6 +1256,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1277,6 +1353,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1317,6 +1394,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1431,6 +1509,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -1440,12 +1530,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -1523,6 +1615,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -1563,6 +1656,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1645,6 +1739,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -1654,7 +1751,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -1662,6 +1759,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -1673,6 +1773,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -1680,6 +1783,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" dnsConfig: description: "Specifies the DNS parameters of a pod.\nParameters specified here will be merged to the generated DNS\nconfiguration based on DNSPolicy." properties: @@ -1688,6 +1794,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" options: description: "A list of DNS resolver options.\nThis will be merged with the base options generated from DNSPolicy.\nDuplicated entries will be removed. Resolution options given in Options\nwill override those that appear in the base DNSPolicy." items: @@ -1700,11 +1807,13 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" searches: description: "A list of DNS search domains for host-name lookup.\nThis will be appended to the base search paths generated from DNSPolicy.\nDuplicated search paths will be removed." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" dnsPolicy: description: "Set DNS policy for the pod.\nDefaults to \"ClusterFirst\".\nValid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'.\nDNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy.\nTo have DNS options set along with hostNetwork, you have to specify DNS policy\nexplicitly to 'ClusterFirstWithHostNet'." @@ -1722,11 +1831,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -1748,7 +1859,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -1797,7 +1909,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -1811,6 +1924,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -1820,7 +1936,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -1834,7 +1951,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -1843,6 +1961,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images" type: "string" @@ -1863,6 +1982,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1886,6 +2006,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -1938,6 +2059,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -1961,6 +2083,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2014,6 +2137,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2054,6 +2178,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2150,6 +2275,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2190,6 +2316,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2304,6 +2431,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -2313,12 +2452,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -2396,6 +2537,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2436,6 +2578,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2521,6 +2664,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers.\nCannot be updated." items: @@ -2530,7 +2676,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -2538,6 +2684,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -2549,6 +2698,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -2556,8 +2708,11 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" hostAliases: - description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts\nfile if specified. This is only valid for non-hostNetwork pods." + description: "HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts\nfile if specified." items: description: "HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the\npod's hosts file." properties: @@ -2566,11 +2721,17 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" ip: description: "IP address of the host file entry." type: "string" + required: + - "ip" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "ip" + x-kubernetes-list-type: "map" hostIPC: description: "Use the host's ipc namespace.\nOptional: Default to false." type: "boolean" @@ -2592,11 +2753,15 @@ spec: description: "LocalObjectReference contains enough information to let you locate the\nreferenced object inside the same namespace." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" initContainers: description: "List of initialization containers belonging to the pod.\nInit containers are executed in order prior to containers being started. If any\ninit container fails, the pod is considered to have failed and is handled according\nto its restartPolicy. The name for an init container or normal container must be\nunique among all containers.\nInit containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes.\nThe resourceRequirements of an init container are taken into account during scheduling\nby finding the highest request/limit for each resource type, and then using the max of\nof that value or the sum of the normal containers. Limits are applied to init containers\nin a similar fashion.\nInit containers cannot currently be added or removed.\nCannot be updated.\nMore info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/" items: @@ -2607,11 +2772,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" command: description: "Entrypoint array. Not executed within a shell.\nThe container image's ENTRYPOINT is used if this is not provided.\nVariable references $(VAR_NAME) are expanded using the container's environment. If a variable\ncannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced\nto a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. \"$$(VAR_NAME)\" will\nproduce the string literal \"$(VAR_NAME)\". Escaped references will never be expanded, regardless\nof whether the variable exists or not. Cannot be updated.\nMore info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell" items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" env: description: "List of environment variables to set in the container.\nCannot be updated." items: @@ -2633,7 +2800,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -2682,7 +2850,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -2696,6 +2865,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" envFrom: description: "List of sources to populate environment variables in the container.\nThe keys defined within a source must be a C_IDENTIFIER. All invalid keys\nwill be reported as an event when the container is starting. When a key exists in multiple\nsources, the value associated with the last source will take precedence.\nValues defined by an Env with a duplicate key will take precedence.\nCannot be updated." items: @@ -2705,7 +2877,8 @@ spec: description: "The ConfigMap to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap must be defined" @@ -2719,7 +2892,8 @@ spec: description: "The Secret to select from" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret must be defined" @@ -2728,6 +2902,7 @@ spec: x-kubernetes-map-type: "atomic" type: "object" type: "array" + x-kubernetes-list-type: "atomic" image: description: "Container image name.\nMore info: https://kubernetes.io/docs/concepts/containers/images\nThis field is optional to allow higher level config management to default or override\ncontainer images in workload controllers like Deployments and StatefulSets." type: "string" @@ -2748,6 +2923,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -2771,6 +2947,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2823,6 +3000,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" httpGet: description: "HTTPGet specifies the http request to perform." @@ -2846,6 +3024,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -2899,6 +3078,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -2939,6 +3119,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3035,6 +3216,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -3075,6 +3257,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3189,6 +3372,18 @@ spec: allowPrivilegeEscalation: description: "AllowPrivilegeEscalation controls whether a process can gain more\nprivileges than its parent process. This bool directly controls if\nthe no_new_privs flag will be set on the container process.\nAllowPrivilegeEscalation is true always when the container is:\n1) run as Privileged\n2) has CAP_SYS_ADMIN\nNote that this field cannot be set when spec.os.name is windows." type: "boolean" + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile\noverrides the pod's appArmorProfile.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" capabilities: description: "The capabilities to add/drop when running containers.\nDefaults to the default set of capabilities granted by the container runtime.\nNote that this field cannot be set when spec.os.name is windows." properties: @@ -3198,12 +3393,14 @@ spec: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" drop: description: "Removed capabilities" items: description: "Capability represent POSIX capabilities type" type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" privileged: description: "Run container in privileged mode.\nProcesses in privileged containers are essentially equivalent to root on the host.\nDefaults to false.\nNote that this field cannot be set when spec.os.name is windows." @@ -3281,6 +3478,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" failureThreshold: description: "Minimum consecutive failures for the probe to be considered failed after having succeeded.\nDefaults to 3. Minimum value is 1." @@ -3321,6 +3519,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" path: description: "Path to access on the HTTP server." type: "string" @@ -3403,6 +3602,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "devicePath" + x-kubernetes-list-type: "map" volumeMounts: description: "Pod volumes to mount into the container's filesystem.\nCannot be updated." items: @@ -3412,7 +3614,7 @@ spec: description: "Path within the container at which the volume should be mounted. Must\nnot contain ':'." type: "string" mountPropagation: - description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10." + description: "mountPropagation determines how mounts are propagated from the host\nto container and the other way around.\nWhen not set, MountPropagationNone is used.\nThis field is beta in 1.10.\nWhen RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified\n(which defaults to None)." type: "string" name: description: "This must match the Name of a Volume." @@ -3420,6 +3622,9 @@ spec: readOnly: description: "Mounted read-only if true, read-write otherwise (false or unspecified).\nDefaults to false." type: "boolean" + recursiveReadOnly: + description: "RecursiveReadOnly specifies whether read-only mounts should be handled\nrecursively.\n\n\nIf ReadOnly is false, this field has no meaning and must be unspecified.\n\n\nIf ReadOnly is true, and this field is set to Disabled, the mount is not made\nrecursively read-only. If this field is set to IfPossible, the mount is made\nrecursively read-only, if it is supported by the container runtime. If this\nfield is set to Enabled, the mount is made recursively read-only if it is\nsupported by the container runtime, otherwise the pod will not be started and\nan error will be generated to indicate the reason.\n\n\nIf this field is set to IfPossible or Enabled, MountPropagation must be set to\nNone (or be unspecified, which defaults to None).\n\n\nIf this field is not specified, it is treated as an equivalent of Disabled." + type: "string" subPath: description: "Path within the volume from which the container's volume should be mounted.\nDefaults to \"\" (volume's root)." type: "string" @@ -3431,6 +3636,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "mountPath" + x-kubernetes-list-type: "map" workingDir: description: "Container's working directory.\nIf not specified, the container runtime's default will be used, which\nmight be configured in the container image.\nCannot be updated." type: "string" @@ -3438,6 +3646,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" nodeName: description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty,\nthe scheduler simply schedules this pod onto that node, assuming that it fits resource\nrequirements." type: "string" @@ -3448,7 +3659,7 @@ spec: type: "object" x-kubernetes-map-type: "atomic" os: - description: "Specifies the OS of the containers in the pod.\nSome pod and container fields are restricted if this is set.\n\n\nIf the OS field is set to linux, the following fields must be unset:\n-securityContext.windowsOptions\n\n\nIf the OS field is set to windows, following fields must be unset:\n- spec.hostPID\n- spec.hostIPC\n- spec.hostUsers\n- spec.securityContext.seLinuxOptions\n- spec.securityContext.seccompProfile\n- spec.securityContext.fsGroup\n- spec.securityContext.fsGroupChangePolicy\n- spec.securityContext.sysctls\n- spec.shareProcessNamespace\n- spec.securityContext.runAsUser\n- spec.securityContext.runAsGroup\n- spec.securityContext.supplementalGroups\n- spec.containers[*].securityContext.seLinuxOptions\n- spec.containers[*].securityContext.seccompProfile\n- spec.containers[*].securityContext.capabilities\n- spec.containers[*].securityContext.readOnlyRootFilesystem\n- spec.containers[*].securityContext.privileged\n- spec.containers[*].securityContext.allowPrivilegeEscalation\n- spec.containers[*].securityContext.procMount\n- spec.containers[*].securityContext.runAsUser\n- spec.containers[*].securityContext.runAsGroup" + description: "Specifies the OS of the containers in the pod.\nSome pod and container fields are restricted if this is set.\n\n\nIf the OS field is set to linux, the following fields must be unset:\n-securityContext.windowsOptions\n\n\nIf the OS field is set to windows, following fields must be unset:\n- spec.hostPID\n- spec.hostIPC\n- spec.hostUsers\n- spec.securityContext.appArmorProfile\n- spec.securityContext.seLinuxOptions\n- spec.securityContext.seccompProfile\n- spec.securityContext.fsGroup\n- spec.securityContext.fsGroupChangePolicy\n- spec.securityContext.sysctls\n- spec.shareProcessNamespace\n- spec.securityContext.runAsUser\n- spec.securityContext.runAsGroup\n- spec.securityContext.supplementalGroups\n- spec.containers[*].securityContext.appArmorProfile\n- spec.containers[*].securityContext.seLinuxOptions\n- spec.containers[*].securityContext.seccompProfile\n- spec.containers[*].securityContext.capabilities\n- spec.containers[*].securityContext.readOnlyRootFilesystem\n- spec.containers[*].securityContext.privileged\n- spec.containers[*].securityContext.allowPrivilegeEscalation\n- spec.containers[*].securityContext.procMount\n- spec.containers[*].securityContext.runAsUser\n- spec.containers[*].securityContext.runAsGroup" properties: name: description: "Name is the name of the operating system. The currently supported values are linux and windows.\nAdditional value may be defined in future and can be one of:\nhttps://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration\nClients should expect to handle additional values and treat unrecognized values in this field as os: null" @@ -3487,6 +3698,7 @@ spec: - "conditionType" type: "object" type: "array" + x-kubernetes-list-type: "atomic" resourceClaims: description: "ResourceClaims defines which ResourceClaims must be allocated\nand reserved before the Pod is allowed to start. The resources\nwill be made available to those containers which consume them\nby name.\n\n\nThis is an alpha field and requires enabling the\nDynamicResourceAllocation feature gate.\n\n\nThis field is immutable." items: @@ -3522,7 +3734,7 @@ spec: description: "If specified, the pod will be dispatched by specified scheduler.\nIf not specified, the pod will be dispatched by default scheduler." type: "string" schedulingGates: - description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod.\nIf schedulingGates is not empty, the pod will stay in the SchedulingGated state and the\nscheduler will not attempt to schedule the pod.\n\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards.\n\n\nThis is a beta feature enabled by the PodSchedulingReadiness feature gate." + description: "SchedulingGates is an opaque list of values that if specified will block scheduling the pod.\nIf schedulingGates is not empty, the pod will stay in the SchedulingGated state and the\nscheduler will not attempt to schedule the pod.\n\n\nSchedulingGates can only be set at pod creation time, and be removed only afterwards." items: description: "PodSchedulingGate is associated to a Pod to guard its scheduling." properties: @@ -3539,6 +3751,18 @@ spec: securityContext: description: "SecurityContext holds pod-level security attributes and common container settings.\nOptional: Defaults to empty. See type description for default values of each field." properties: + appArmorProfile: + description: "appArmorProfile is the AppArmor options to use by the containers in this pod.\nNote that this field cannot be set when spec.os.name is windows." + properties: + localhostProfile: + description: "localhostProfile indicates a profile loaded on the node that should be used.\nThe profile must be preconfigured on the node to work.\nMust match the loaded name of the profile.\nMust be set if and only if type is \"Localhost\"." + type: "string" + type: + description: "type indicates which kind of AppArmor profile will be applied.\nValid options are:\n Localhost - a profile pre-loaded on the node.\n RuntimeDefault - the container runtime's default profile.\n Unconfined - no AppArmor enforcement." + type: "string" + required: + - "type" + type: "object" fsGroup: description: "A special supplemental group that applies to all containers in a pod.\nSome volume types allow the Kubelet to change the ownership of that volume\nto be owned by the pod:\n\n\n1. The owning GID will be the FSGroup\n2. The setgid bit is set (new files created in the volume will be owned by FSGroup)\n3. The permission bits are OR'd with rw-rw----\n\n\nIf unset, the Kubelet will not modify the ownership and permissions of any volume.\nNote that this field cannot be set when spec.os.name is windows." format: "int64" @@ -3591,6 +3815,7 @@ spec: format: "int64" type: "integer" type: "array" + x-kubernetes-list-type: "atomic" sysctls: description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported\nsysctls (by the container runtime) might fail to launch.\nNote that this field cannot be set when spec.os.name is windows." items: @@ -3607,6 +3832,7 @@ spec: - "value" type: "object" type: "array" + x-kubernetes-list-type: "atomic" windowsOptions: description: "The Windows specific settings applied to all containers.\nIf unspecified, the options within a container's SecurityContext will be used.\nIf set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.\nNote that this field cannot be set when spec.os.name is linux." properties: @@ -3625,7 +3851,7 @@ spec: type: "object" type: "object" serviceAccount: - description: "DeprecatedServiceAccount is a depreciated alias for ServiceAccountName.\nDeprecated: Use serviceAccountName instead." + description: "DeprecatedServiceAccount is a deprecated alias for ServiceAccountName.\nDeprecated: Use serviceAccountName instead." type: "string" serviceAccountName: description: "ServiceAccountName is the name of the ServiceAccount to use to run this pod.\nMore info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/" @@ -3666,6 +3892,7 @@ spec: type: "string" type: "object" type: "array" + x-kubernetes-list-type: "atomic" topologySpreadConstraints: description: "TopologySpreadConstraints describes how a group of pods ought to spread across topology\ndomains. Scheduler will schedule pods in a way which abides by the constraints.\nAll topologySpreadConstraints are ANDed." items: @@ -3690,11 +3917,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -3713,7 +3942,7 @@ spec: format: "int32" type: "integer" minDomains: - description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew.\n\n\nThis is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default)." + description: "MinDomains indicates a minimum number of eligible domains.\nWhen the number of eligible domains with matching topology keys is less than minDomains,\nPod Topology Spread treats \"global minimum\" as 0, and then the calculation of Skew is performed.\nAnd when the number of eligible domains with matching topology keys equals or greater than minDomains,\nthis value has no effect on scheduling.\nAs a result, when the number of eligible domains is less than minDomains,\nscheduler won't schedule more than maxSkew Pods to those domains.\nIf value is nil, the constraint behaves as if MinDomains is equal to 1.\nValid values are integers greater than 0.\nWhen value is not nil, WhenUnsatisfiable must be DoNotSchedule.\n\n\nFor example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same\nlabelSelector spread as 2/2/2:\n| zone1 | zone2 | zone3 |\n| P P | P P | P P |\nThe number of domains is less than 5(MinDomains), so \"global minimum\" is treated as 0.\nIn this situation, new pod with the same labelSelector cannot be scheduled,\nbecause computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones,\nit will violate MaxSkew." format: "int32" type: "integer" nodeAffinityPolicy: @@ -3811,6 +4040,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" path: description: "path is Optional: Used as the mounted root, rather than the full Ceph tree, default is /" type: "string" @@ -3824,7 +4054,8 @@ spec: description: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty.\nMore info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3847,7 +4078,8 @@ spec: description: "secretRef is optional: points to a secret object containing parameters used to connect\nto OpenStack." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3884,8 +4116,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -3905,7 +4139,8 @@ spec: description: "nodePublishSecretRef is a reference to the secret object containing\nsensitive information to pass to the CSI driver to complete the CSI\nNodePublishVolume and NodeUnpublishVolume calls.\nThis field is optional, and may be empty if no secret is required. If the\nsecret object contains more than one secret, all secret references are passed." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -3933,7 +4168,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -3976,6 +4211,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" emptyDir: description: "emptyDir represents a temporary directory that shares a pod's lifetime.\nMore info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir" @@ -4025,6 +4261,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" dataSource: description: "dataSource field can be used to specify either:\n* An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot)\n* An existing PVC (PersistentVolumeClaim)\nIf the provisioner or an external controller can support the specified data source,\nit will create a new volume based on the contents of the specified data source.\nWhen the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef,\nand dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified.\nIf the namespace is specified, then dataSourceRef will not be copied to dataSource." properties: @@ -4102,11 +4339,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4118,7 +4357,7 @@ spec: description: "storageClassName is the name of the StorageClass required by the claim.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1" type: "string" volumeAttributesClassName: - description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." + description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim.\nIf specified, the CSI driver will create or update the volume with the attributes defined\nin the corresponding VolumeAttributesClass. This has a different purpose than storageClassName,\nit can be changed after the claim is created. An empty string value means that no VolumeAttributesClass\nwill be applied to the claim but it's not allowed to reset this field to empty string once it is set.\nIf unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass\nwill be set by the persistentvolume controller if it exists.\nIf the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be\nset to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource\nexists.\nMore info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/\n(Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled." type: "string" volumeMode: description: "volumeMode defines what type of volume is required by the claim.\nValue of Filesystem is implied when not included in claim spec." @@ -4149,11 +4388,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" wwids: description: "wwids Optional: FC volume world wide identifiers (wwids)\nEither wwids or combination of targetWWNs and lun must be set, but not both simultaneously." items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" type: "object" flexVolume: description: "flexVolume represents a generic volume resource that is\nprovisioned/attached using an exec based plugin." @@ -4176,7 +4417,8 @@ spec: description: "secretRef is Optional: secretRef is reference to the secret object containing\nsensitive information to pass to the plugin scripts. This may be\nempty if no secret object is specified. If the secret object\ncontains more than one secret, all secrets are passed to the plugin\nscripts." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4285,6 +4527,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" readOnly: description: "readOnly here will force the ReadOnly setting in VolumeMounts.\nDefaults to false." type: "boolean" @@ -4292,7 +4535,8 @@ spec: description: "secretRef is the CHAP Secret for iSCSI target and initiator authentication" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4396,11 +4640,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -4446,8 +4692,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional specify whether the ConfigMap or its keys must be defined" @@ -4463,7 +4711,7 @@ spec: description: "DownwardAPIVolumeFile represents information to create the file containing the pod field" properties: fieldRef: - description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported." + description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported." properties: apiVersion: description: "Version of the schema the FieldPath is written in terms of, defaults to \"v1\"." @@ -4506,6 +4754,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" secret: description: "secret information about the secret data to project" @@ -4530,8 +4779,10 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "optional field specify whether the Secret or its key must be defined" @@ -4556,6 +4807,7 @@ spec: type: "object" type: "object" type: "array" + x-kubernetes-list-type: "atomic" type: "object" quobyte: description: "quobyte represents a Quobyte mount on the host that shares a pod's lifetime" @@ -4599,6 +4851,7 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" pool: description: "pool is the rados pool name.\nDefault is rbd.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" type: "string" @@ -4609,7 +4862,8 @@ spec: description: "secretRef is name of the authentication secret for RBDUser. If provided\noverrides keyring.\nDefault is nil.\nMore info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it" properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4639,7 +4893,8 @@ spec: description: "secretRef references to the secret for ScaleIO user and other\nsensitive information. If this is not provided, Login operation will fail." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4690,6 +4945,7 @@ spec: - "path" type: "object" type: "array" + x-kubernetes-list-type: "atomic" optional: description: "optional field specify whether the Secret or its keys must be defined" type: "boolean" @@ -4710,7 +4966,8 @@ spec: description: "secretRef specifies the secret to use for obtaining the StorageOS API\ncredentials. If not specified, default values will be attempted." properties: name: - description: "Name of the referent.\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -4743,6 +5000,9 @@ spec: - "name" type: "object" type: "array" + x-kubernetes-list-map-keys: + - "name" + x-kubernetes-list-type: "map" required: - "containers" type: "object" diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml index a5c17e14d..429b158f6 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v1/clusterpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "clusterpolicies.kyverno.io" spec: group: "kyverno.io" @@ -24,9 +24,6 @@ spec: - jsonPath: ".spec.background" name: "BACKGROUND" type: "boolean" - - jsonPath: ".spec.validationFailureAction" - name: "VALIDATE ACTION" - type: "string" - jsonPath: ".status.conditions[?(@.type == \"Ready\")].status" name: "READY" type: "string" @@ -2262,10 +2259,8 @@ spec: type: "string" type: "object" validationFailureAction: - description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce." + description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce." enum: - - "audit" - - "enforce" - "Audit" - "Enforce" type: "string" @@ -2821,6 +2816,12 @@ spec: default: true description: "UseCache enables caching of image verify responses for this rule." type: "boolean" + validationFailureAction: + description: "Allowed values are Audit or Enforce." + enum: + - "Audit" + - "Enforce" + type: "string" verifyDigest: default: true description: "VerifyDigest validates that images have a digest." @@ -5099,10 +5100,8 @@ spec: type: "string" type: "object" validationFailureAction: - description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce." + description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce." enum: - - "audit" - - "enforce" - "Audit" - "Enforce" type: "string" @@ -5658,6 +5657,12 @@ spec: default: true description: "UseCache enables caching of image verify responses for this rule." type: "boolean" + validationFailureAction: + description: "Allowed values are Audit or Enforce." + enum: + - "Audit" + - "Enforce" + type: "string" verifyDigest: default: true description: "VerifyDigest validates that images have a digest." diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml index 58e556ffc..c542f9b21 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v1/policies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "policies.kyverno.io" spec: group: "kyverno.io" @@ -24,9 +24,6 @@ spec: - jsonPath: ".spec.background" name: "BACKGROUND" type: "boolean" - - jsonPath: ".spec.validationFailureAction" - name: "VALIDATE ACTION" - type: "string" - jsonPath: ".status.conditions[?(@.type == \"Ready\")].status" name: "READY" type: "string" @@ -2262,10 +2259,8 @@ spec: type: "string" type: "object" validationFailureAction: - description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce." + description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce." enum: - - "audit" - - "enforce" - "Audit" - "Enforce" type: "string" @@ -2821,6 +2816,12 @@ spec: default: true description: "UseCache enables caching of image verify responses for this rule." type: "boolean" + validationFailureAction: + description: "Allowed values are Audit or Enforce." + enum: + - "Audit" + - "Enforce" + type: "string" verifyDigest: default: true description: "VerifyDigest validates that images have a digest." @@ -5099,10 +5100,8 @@ spec: type: "string" type: "object" validationFailureAction: - description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce." + description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce." enum: - - "audit" - - "enforce" - "Audit" - "Enforce" type: "string" @@ -5658,6 +5657,12 @@ spec: default: true description: "UseCache enables caching of image verify responses for this rule." type: "boolean" + validationFailureAction: + description: "Allowed values are Audit or Enforce." + enum: + - "Audit" + - "Enforce" + type: "string" verifyDigest: default: true description: "VerifyDigest validates that images have a digest." diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v1beta1/updaterequests.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v1beta1/updaterequests.yaml index 8130a40d2..fda034ae1 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v1beta1/updaterequests.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v1beta1/updaterequests.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "updaterequests.kyverno.io" spec: group: "kyverno.io" diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2/cleanuppolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2/cleanuppolicies.yaml index 0de504a63..9ab39378e 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2/cleanuppolicies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2/cleanuppolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "cleanuppolicies.kyverno.io" spec: group: "kyverno.io" diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2/clustercleanuppolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2/clustercleanuppolicies.yaml index 08313b376..0e51f3a98 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2/clustercleanuppolicies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2/clustercleanuppolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "clustercleanuppolicies.kyverno.io" spec: group: "kyverno.io" diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2/policyexceptions.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2/policyexceptions.yaml index da314a77d..fd30d4de3 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2/policyexceptions.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2/policyexceptions.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "policyexceptions.kyverno.io" spec: group: "kyverno.io" diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2/updaterequests.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2/updaterequests.yaml index 55715295c..40660a983 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2/updaterequests.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2/updaterequests.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "updaterequests.kyverno.io" spec: group: "kyverno.io" diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml index 3effb19d1..a6c39de33 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2alpha1/globalcontextentries.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "globalcontextentries.kyverno.io" spec: group: "kyverno.io" diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/cleanuppolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/cleanuppolicies.yaml index ca32fb403..8f2268ef1 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/cleanuppolicies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/cleanuppolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "cleanuppolicies.kyverno.io" spec: group: "kyverno.io" diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clustercleanuppolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clustercleanuppolicies.yaml index b07738e7f..18dd7968c 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clustercleanuppolicies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clustercleanuppolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "clustercleanuppolicies.kyverno.io" spec: group: "kyverno.io" diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml index 4cb50e7a6..aa3385b07 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/clusterpolicies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "clusterpolicies.kyverno.io" spec: group: "kyverno.io" @@ -24,9 +24,6 @@ spec: - jsonPath: ".spec.background" name: "BACKGROUND" type: "boolean" - - jsonPath: ".spec.validationFailureAction" - name: "VALIDATE ACTION" - type: "string" - jsonPath: ".status.conditions[?(@.type == \"Ready\")].status" name: "READY" type: "string" @@ -2122,10 +2119,8 @@ spec: type: "string" type: "object" validationFailureAction: - description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce." + description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce." enum: - - "audit" - - "enforce" - "Audit" - "Enforce" type: "string" @@ -2653,6 +2648,12 @@ spec: default: true description: "UseCache enables caching of image verify responses for this rule" type: "boolean" + validationFailureAction: + description: "Allowed values are Audit or Enforce." + enum: + - "Audit" + - "Enforce" + type: "string" verifyDigest: default: true description: "VerifyDigest validates that images have a digest." @@ -4931,10 +4932,8 @@ spec: type: "string" type: "object" validationFailureAction: - description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce." + description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce." enum: - - "audit" - - "enforce" - "Audit" - "Enforce" type: "string" @@ -5490,6 +5489,12 @@ spec: default: true description: "UseCache enables caching of image verify responses for this rule." type: "boolean" + validationFailureAction: + description: "Allowed values are Audit or Enforce." + enum: + - "Audit" + - "Enforce" + type: "string" verifyDigest: default: true description: "VerifyDigest validates that images have a digest." diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml index 9d37d7964..272d640f6 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policies.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "policies.kyverno.io" spec: group: "kyverno.io" @@ -24,9 +24,6 @@ spec: - jsonPath: ".spec.background" name: "BACKGROUND" type: "boolean" - - jsonPath: ".spec.validationFailureAction" - name: "VALIDATE ACTION" - type: "string" - jsonPath: ".status.conditions[?(@.type == \"Ready\")].status" name: "READY" type: "string" @@ -2122,10 +2119,8 @@ spec: type: "string" type: "object" validationFailureAction: - description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce." + description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce." enum: - - "audit" - - "enforce" - "Audit" - "Enforce" type: "string" @@ -2653,6 +2648,12 @@ spec: default: true description: "UseCache enables caching of image verify responses for this rule" type: "boolean" + validationFailureAction: + description: "Allowed values are Audit or Enforce." + enum: + - "Audit" + - "Enforce" + type: "string" verifyDigest: default: true description: "VerifyDigest validates that images have a digest." @@ -4931,10 +4932,8 @@ spec: type: "string" type: "object" validationFailureAction: - description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (enforce), or allow (audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are audit or enforce." + description: "ValidationFailureAction defines if a validation policy rule violation should block\nthe admission review request (Enforce), or allow (Audit) the admission review request\nand report an error in a policy report. Optional.\nAllowed values are Audit or Enforce." enum: - - "audit" - - "enforce" - "Audit" - "Enforce" type: "string" @@ -5490,6 +5489,12 @@ spec: default: true description: "UseCache enables caching of image verify responses for this rule." type: "boolean" + validationFailureAction: + description: "Allowed values are Audit or Enforce." + enum: + - "Audit" + - "Enforce" + type: "string" verifyDigest: default: true description: "VerifyDigest validates that images have a digest." diff --git a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policyexceptions.yaml b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policyexceptions.yaml index f8fde46da..c2878f0ba 100644 --- a/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policyexceptions.yaml +++ b/crd-catalog/kyverno/kyverno/kyverno.io/v2beta1/policyexceptions.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "policyexceptions.kyverno.io" spec: group: "kyverno.io" diff --git a/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/clusterephemeralreports.yaml b/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/clusterephemeralreports.yaml index 931dd50c2..22f134981 100644 --- a/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/clusterephemeralreports.yaml +++ b/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/clusterephemeralreports.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "clusterephemeralreports.reports.kyverno.io" spec: group: "reports.kyverno.io" diff --git a/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/ephemeralreports.yaml b/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/ephemeralreports.yaml index 7cbfae2e8..85c448f7b 100644 --- a/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/ephemeralreports.yaml +++ b/crd-catalog/kyverno/kyverno/reports.kyverno.io/v1/ephemeralreports.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.15.0" + controller-gen.kubebuilder.io/version: "(devel)" name: "ephemeralreports.reports.kyverno.io" spec: group: "reports.kyverno.io" diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml index 74bb620af..94a2cb774 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/mariadbs.yaml @@ -9071,7 +9071,8 @@ spec: description: "Params defines extra parameters to pass to the monitor.\nAny parameter supported by MaxScale may be specified here. See reference:\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-common-monitor-parameters/.\nMonitor specific parameter are also suported:\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-galera-monitor/#galera-monitor-optional-parameters.\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-monitor/#configuration." type: "object" suspend: - description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this." + default: false + description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities." type: "boolean" type: "object" podDisruptionBudget: @@ -9121,7 +9122,8 @@ spec: description: "Protocol is the MaxScale protocol to use when communicating with the client. If not provided, it defaults to MariaDBProtocol." type: "string" suspend: - description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this." + default: false + description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities." type: "boolean" type: "object" name: @@ -9139,7 +9141,8 @@ spec: - "readconnroute" type: "string" suspend: - description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this." + default: false + description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities." type: "boolean" required: - "listener" @@ -14096,7 +14099,7 @@ spec: type: "object" suspend: default: false - description: "Suspend defines whether the MariaDB reconciliation loop is enabled. This can be useful for maintenance, as disabling the reconciliation loop prevents the operator from interfering with user operations during maintenance activities." + description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities." type: "boolean" timeZone: description: "TimeZone sets the default timezone. If not provided, it defaults to SYSTEM and the timezone data is not loaded." diff --git a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml index 07ca80d14..15f63592e 100644 --- a/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml +++ b/crd-catalog/mariadb-operator/mariadb-operator/k8s.mariadb.com/v1alpha1/maxscales.yaml @@ -5340,7 +5340,8 @@ spec: description: "Params defines extra parameters to pass to the monitor.\nAny parameter supported by MaxScale may be specified here. See reference:\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-common-monitor-parameters/.\nMonitor specific parameter are also suported:\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-galera-monitor/#galera-monitor-optional-parameters.\nhttps://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-monitor/#configuration." type: "object" suspend: - description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this." + default: false + description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities." type: "boolean" type: "object" nodeSelector: @@ -5791,7 +5792,8 @@ spec: description: "Protocol is the MaxScale protocol to use when communicating with the client. If not provided, it defaults to MariaDBProtocol." type: "string" suspend: - description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this." + default: false + description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities." type: "boolean" type: "object" name: @@ -5809,7 +5811,8 @@ spec: - "readconnroute" type: "string" suspend: - description: "Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this." + default: false + description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities." type: "boolean" required: - "listener" @@ -6343,6 +6346,10 @@ spec: - "image" type: "object" type: "array" + suspend: + default: false + description: "Suspend indicates whether the current resource should be suspended or not.\nThis can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities." + type: "boolean" tolerations: description: "Tolerations to be used in the Pod." items: diff --git a/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml b/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml index 87bee6afe..c05c87b2e 100644 --- a/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml +++ b/crd-catalog/metal3-io/baremetal-operator/metal3.io/v1alpha1/baremetalhosts.yaml @@ -591,7 +591,7 @@ spec: type: "object" type: "object" hardwareProfile: - description: "The name of the profile matching the hardware details." + description: "The name of the profile matching the hardware details. Hardware profiles are deprecated and should not be relied on." type: "string" lastUpdated: description: "LastUpdated identifies when this status was last observed." @@ -907,7 +907,6 @@ spec: required: - "errorCount" - "errorMessage" - - "hardwareProfile" - "operationalStatus" - "poweredOn" - "provisioning" diff --git a/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml b/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml index 75eee67a6..11f092e1e 100644 --- a/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml +++ b/crd-catalog/minio/operator/minio.min.io/v2/tenants.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: controller-gen.kubebuilder.io/version: "v0.15.0" - operator.min.io/version: "v6.0.1" + operator.min.io/version: "v6.0.2" name: "tenants.minio.min.io" spec: group: "minio.min.io" diff --git a/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml b/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml index d628e3123..7161267e6 100644 --- a/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml +++ b/crd-catalog/minio/operator/sts.min.io/v1alpha1/policybindings.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: controller-gen.kubebuilder.io/version: "v0.15.0" - operator.min.io/version: "v6.0.1" + operator.min.io/version: "v6.0.2" name: "policybindings.sts.min.io" spec: group: "sts.min.io" diff --git a/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml b/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml index da8b124f1..5c0073d2a 100644 --- a/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml +++ b/crd-catalog/minio/operator/sts.min.io/v1beta1/policybindings.yaml @@ -3,7 +3,7 @@ kind: "CustomResourceDefinition" metadata: annotations: controller-gen.kubebuilder.io/version: "v0.15.0" - operator.min.io/version: "v6.0.1" + operator.min.io/version: "v6.0.2" name: "policybindings.sts.min.io" spec: group: "sts.min.io" diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml index bd73b916e..8362672ba 100644 --- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml +++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta1/flowcollectors.yaml @@ -143,6 +143,20 @@ spec: - type: "string" description: "SourcePorts defines the source ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example sourcePorts: 80.\nTo filter a range of ports, use a \"start-end\" range, string format. For example sourcePorts: \"80-100\"." x-kubernetes-int-or-string: true + tcpFlags: + description: "`tcpFlags` defines the TCP flags to filter flows by." + enum: + - "SYN" + - "SYN-ACK" + - "ACK" + - "FIN" + - "RST" + - "URG" + - "ECE" + - "CWR" + - "FIN-ACK" + - "RST-ACK" + type: "string" type: "object" imagePullPolicy: default: "IfNotPresent" diff --git a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml index 01a6db77b..e6d2b4846 100644 --- a/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml +++ b/crd-catalog/netobserv/network-observability-operator/flows.netobserv.io/v1beta2/flowcollectors.yaml @@ -732,6 +732,20 @@ spec: - type: "string" description: "`sourcePorts` defines the source ports to filter flows by.\nTo filter a single port, set a single port as an integer value. For example: `sourcePorts: 80`.\nTo filter a range of ports, use a \"start-end\" range in string format. For example: `sourcePorts: \"80-100\"`." x-kubernetes-int-or-string: true + tcpFlags: + description: "`tcpFlags` defines the TCP flags to filter flows by." + enum: + - "SYN" + - "SYN-ACK" + - "ACK" + - "FIN" + - "RST" + - "URG" + - "ECE" + - "CWR" + - "FIN-ACK" + - "RST-ACK" + type: "string" type: "object" imagePullPolicy: default: "IfNotPresent" diff --git a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml index 25b3ccaf9..b388c5699 100644 --- a/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml +++ b/crd-catalog/nginxinc/kubernetes-ingress/k8s.nginx.org/v1/policies.yaml @@ -142,8 +142,12 @@ spec: type: "string" clientSecret: type: "string" + endSessionEndpoint: + type: "string" jwksURI: type: "string" + postLogoutRedirectURI: + type: "string" redirectURI: type: "string" scope: diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml index 1bbff6b19..7570d6e0a 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeploymentcustomizations.yaml @@ -60,7 +60,8 @@ spec: description: "ClusterDeploymentRef is a reference to the cluster deployment that this customization is applied on." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -68,7 +69,8 @@ spec: description: "ClusterPoolRef is the name of the current cluster pool the CDC used at." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml index 0196348ca..506b6a761 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeployments.yaml @@ -63,7 +63,8 @@ spec: description: "BoundServiceAccountSigningKeySecretRef refers to a Secret that contains a 'bound-service-account-signing-key.key' data key pointing to the private key that will be used to sign ServiceAccount objects. Primarily used to provision AWS clusters to use Amazon's Security Token Service." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -76,7 +77,8 @@ spec: description: "CertificateSecretRef is the reference to the secret that contains the certificate bundle. If the certificate bundle is to be generated, it will be generated with the name in this reference. Otherwise, it is expected that the secret should exist in the same namespace as the ClusterDeployment" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -115,7 +117,8 @@ spec: description: "AdminKubeconfigSecretRef references the secret containing the admin kubeconfig for this cluster." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -123,7 +126,8 @@ spec: description: "AdminPasswordSecretRef references the secret containing the admin username/password which can be used to login to this cluster." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -182,7 +186,8 @@ spec: description: "CustomizationRef is the ClusterPool Inventory claimed customization for this ClusterDeployment. The Customization exists in the ClusterPool namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -272,11 +277,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -303,11 +310,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -358,11 +367,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -391,7 +402,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the AWS account access credentials." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -438,7 +450,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the Azure account access credentials." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -456,7 +469,8 @@ spec: description: "LibvirtSSHPrivateKeySecretRef is the reference to the secret that contains the private SSH key to use for access to the libvirt provisioning host. The SSH private key is expected to be in the secret data under the \"ssh-privatekey\" key." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -470,7 +484,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the GCP account access credentials." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -513,7 +528,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains IBM Cloud account access credentials." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -534,7 +550,8 @@ spec: description: "CertificatesSecretRef refers to a secret that contains CA certificates necessary for communicating with the OpenStack. There is additional configuration required for the OpenShift cluster to trust the certificates provided in this secret. The \"clouds.yaml\" file included in the credentialsSecretRef Secret must also include a reference to the certificate bundle file for the OpenShift cluster being created to trust the OpenStack endpoints. The \"clouds.yaml\" file must set the \"cacert\" field to either \"/etc/openstack-ca/\" or \"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem\". \n For example, \"\"\"clouds.yaml clouds: shiftstack: auth: ... cacert: \"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem\" \"\"\"" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -545,7 +562,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the OpenStack account access credentials." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -563,7 +581,8 @@ spec: description: "CertificatesSecretRef refers to a secret that contains the oVirt CA certificates necessary for communicating with oVirt." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -571,7 +590,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the oVirt account access credentials with fields: ovirt_url, ovirt_username, ovirt_password, ovirt_ca_bundle" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -597,7 +617,8 @@ spec: description: "CertificatesSecretRef refers to a secret that contains the vSphere CA certificates necessary for communicating with the VCenter." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -608,7 +629,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the vSphere account access credentials: GOVC_USERNAME, GOVC_PASSWORD fields." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -661,7 +683,8 @@ spec: description: "InstallConfigSecretRef is the reference to a secret that contains an openshift-install InstallConfig. This file will be passed through directly to the installer. Any version of InstallConfig can be used, provided it can be parsed by the openshift-install version for the release you are provisioning." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -686,7 +709,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -735,7 +759,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -756,7 +781,8 @@ spec: description: "ManifestsConfigMapRef is a reference to user-provided manifests to add to or replace manifests that are generated by the installer. It serves the same purpose as, and is mutually exclusive with, ManifestsSecretRef." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -764,7 +790,8 @@ spec: description: "ManifestsSecretRef is a reference to user-provided manifests to add to or replace manifests that are generated by the installer. It serves the same purpose as, and is mutually exclusive with, ManifestsConfigMapRef." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -780,7 +807,8 @@ spec: description: "SSHPrivateKeySecretRef is the reference to the secret that contains the private SSH key to use for access to compute instances. This private key should correspond to the public key included in the InstallConfig. The private key is used by Hive to gather logs on the target cluster if there are install failures. The SSH private key is expected to be in the secret data under the \"ssh-privatekey\" key." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -789,7 +817,8 @@ spec: description: "PullSecretRef is the reference to the secret to use when pulling images." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -931,7 +960,8 @@ spec: description: "ProvisionRef is a reference to the last ClusterProvision created for the deployment" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeprovisions.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeprovisions.yaml index b3a235649..889ea4e63 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeprovisions.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterdeprovisions.yaml @@ -77,7 +77,8 @@ spec: description: "CredentialsSecretRef is the AWS account credentials to use for deprovisioning the cluster" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -106,7 +107,8 @@ spec: description: "CredentialsSecretRef is the Azure account credentials to use for deprovisioning the cluster" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -121,7 +123,8 @@ spec: description: "CredentialsSecretRef is the GCP account credentials to use for deprovisioning the cluster" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -144,7 +147,8 @@ spec: description: "CredentialsSecretRef is the IBM Cloud credentials to use for deprovisioning the cluster" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -163,7 +167,8 @@ spec: description: "CertificatesSecretRef refers to a secret that contains CA certificates necessary for communicating with the OpenStack." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -174,7 +179,8 @@ spec: description: "CredentialsSecretRef is the OpenStack account credentials to use for deprovisioning the cluster" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -188,7 +194,8 @@ spec: description: "CertificatesSecretRef refers to a secret that contains the oVirt CA certificates necessary for communicating with the oVirt." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -199,7 +206,8 @@ spec: description: "CredentialsSecretRef is the oVirt account credentials to use for deprovisioning the cluster secret fields: ovirt_url, ovirt_username, ovirt_password, ovirt_ca_bundle" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -215,7 +223,8 @@ spec: description: "CertificatesSecretRef refers to a secret that contains the vSphere CA certificates necessary for communicating with the VCenter." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -223,7 +232,8 @@ spec: description: "CredentialsSecretRef is the vSphere account credentials to use for deprovisioning the cluster" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml index dc8c0f447..2b2933518 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterpools.yaml @@ -96,7 +96,8 @@ spec: description: "InstallConfigSecretTemplateRef is a secret with the key install-config.yaml consisting of the content of the install-config.yaml to be used as a template for all clusters in this pool. Cluster specific settings (name, basedomain) will be injected dynamically when the ClusterDeployment install-config Secret is generated." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -121,7 +122,8 @@ spec: description: "The key to select." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the ConfigMap or its key must be defined" @@ -170,7 +172,8 @@ spec: description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: description: "Specify whether the Secret or its key must be defined" @@ -239,11 +242,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" @@ -272,7 +277,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the AWS account access credentials." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -319,7 +325,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the Azure account access credentials." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -337,7 +344,8 @@ spec: description: "LibvirtSSHPrivateKeySecretRef is the reference to the secret that contains the private SSH key to use for access to the libvirt provisioning host. The SSH private key is expected to be in the secret data under the \"ssh-privatekey\" key." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -351,7 +359,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the GCP account access credentials." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -394,7 +403,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains IBM Cloud account access credentials." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -415,7 +425,8 @@ spec: description: "CertificatesSecretRef refers to a secret that contains CA certificates necessary for communicating with the OpenStack. There is additional configuration required for the OpenShift cluster to trust the certificates provided in this secret. The \"clouds.yaml\" file included in the credentialsSecretRef Secret must also include a reference to the certificate bundle file for the OpenShift cluster being created to trust the OpenStack endpoints. The \"clouds.yaml\" file must set the \"cacert\" field to either \"/etc/openstack-ca/\" or \"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem\". \n For example, \"\"\"clouds.yaml clouds: shiftstack: auth: ... cacert: \"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem\" \"\"\"" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -426,7 +437,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the OpenStack account access credentials." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -444,7 +456,8 @@ spec: description: "CertificatesSecretRef refers to a secret that contains the oVirt CA certificates necessary for communicating with oVirt." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -452,7 +465,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the oVirt account access credentials with fields: ovirt_url, ovirt_username, ovirt_password, ovirt_ca_bundle" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -478,7 +492,8 @@ spec: description: "CertificatesSecretRef refers to a secret that contains the vSphere CA certificates necessary for communicating with the VCenter." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -489,7 +504,8 @@ spec: description: "CredentialsSecretRef refers to a secret that contains the vSphere account access credentials: GOVC_USERNAME, GOVC_PASSWORD fields." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -520,7 +536,8 @@ spec: description: "PullSecretRef is the reference to the secret to use when pulling images." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterprovisions.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterprovisions.yaml index ffc7723d8..439883a38 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterprovisions.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterprovisions.yaml @@ -45,7 +45,8 @@ spec: description: "AdminKubeconfigSecretRef references the secret containing the admin kubeconfig for this cluster." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -53,7 +54,8 @@ spec: description: "AdminPasswordSecretRef references the secret containing the admin username/password which can be used to login to this cluster." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -64,7 +66,8 @@ spec: description: "ClusterDeploymentRef references the cluster deployment provisioned." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -140,7 +143,8 @@ spec: description: "JobRef is the reference to the job performing the provision." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterrelocates.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterrelocates.yaml index 338553a68..2b2758863 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterrelocates.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/clusterrelocates.yaml @@ -52,11 +52,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/dnszones.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/dnszones.yaml index 50adfedad..a6d7dc1fa 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/dnszones.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/dnszones.yaml @@ -63,7 +63,8 @@ spec: description: "CredentialsSecretRef contains a reference to a secret that contains AWS credentials for CRUD operations" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -87,7 +88,8 @@ spec: description: "CredentialsSecretRef references a secret that will be used to authenticate with Azure CloudDNS. It will need permission to create and manage CloudDNS Hosted Zones. Secret should have a key named 'osServicePrincipal.json'. The credentials must specify the project to use." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -105,7 +107,8 @@ spec: description: "CredentialsSecretRef references a secret that will be used to authenticate with GCP CloudDNS. It will need permission to create and manage CloudDNS Hosted Zones. Secret should have a key named 'osServiceAccount.json'. The credentials must specify the project to use." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/hiveconfigs.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/hiveconfigs.yaml index d13a5cd3c..02f443d7a 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/hiveconfigs.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/hiveconfigs.yaml @@ -35,7 +35,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -64,7 +65,8 @@ spec: description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS for associating the VPC with the Private HostedZone created for PrivateLink. When not provided, the common credentials for the controller should be used." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -81,7 +83,8 @@ spec: description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS for creating the resources for AWS PrivateLink." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -390,7 +393,8 @@ spec: description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS S3. It will need permission to upload logs to S3. Secret should have keys named aws_access_key_id and aws_secret_access_key that contain the AWS credentials. Example Secret: data: aws_access_key_id: minio aws_secret_access_key: minio123" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -436,7 +440,8 @@ spec: description: "GlobalPullSecretRef is used to specify a pull secret that will be used globally by all of the cluster deployments. For each cluster deployment, the contents of GlobalPullSecret will be merged with the specific pull secret for a cluster deployment(if specified), with precedence given to the contents of the pull secret for the cluster deployment. The global pull secret is assumed to be in the TargetNamespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -461,7 +466,8 @@ spec: description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS Route53. It will need permission to manage entries for the domain listed in the parent ManageDNSConfig object. Secret should have AWS keys named 'aws_access_key_id' and 'aws_secret_access_key'." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -487,7 +493,8 @@ spec: description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with Azure DNS. It wil need permission to manage entries in each of the managed domains listed in the parent ManageDNSConfig object. Secret should have a key named 'osServicePrincipal.json'" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -510,7 +517,8 @@ spec: description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with GCP DNS. It will need permission to manage entries in each of the managed domains for this cluster. listed in the parent ManageDNSConfig object. Secret should have a key named 'osServiceAccount.json'. The credentials must specify the project to use." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -564,7 +572,8 @@ spec: description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with GCP for creating the resources for GCP Private Service Connect" properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -620,7 +629,8 @@ spec: description: "CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS to become the Service Provider. Being a Service Provider allows the controllers to assume the role in customer AWS accounts to manager clusters." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml index a319c16bf..81666348f 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/machinepools.yaml @@ -58,7 +58,8 @@ spec: description: "ClusterDeploymentRef references the cluster deployment to which this machine pool belongs." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncidentityproviders.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncidentityproviders.yaml index 07f606004..32b9f7a56 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncidentityproviders.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncidentityproviders.yaml @@ -48,11 +48,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml index 9cac6f95f..60b8ca520 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/selectorsyncsets.yaml @@ -58,11 +58,13 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "atomic" required: - "key" - "operator" type: "object" type: "array" + x-kubernetes-list-type: "atomic" matchLabels: additionalProperties: type: "string" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/syncidentityproviders.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/syncidentityproviders.yaml index d460bf23e..bb6730a04 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/syncidentityproviders.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/syncidentityproviders.yaml @@ -35,7 +35,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml b/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml index 0ff42ebbd..82662ba9b 100644 --- a/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml +++ b/crd-catalog/openshift/hive/hive.openshift.io/v1/syncsets.yaml @@ -45,7 +45,8 @@ spec: description: "LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/clustersyncs.yaml b/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/clustersyncs.yaml index 1401711c1..93b63b642 100644 --- a/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/clustersyncs.yaml +++ b/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/clustersyncs.yaml @@ -19,6 +19,9 @@ spec: - jsonPath: ".status.conditions[0].reason" name: "Status" type: "string" + - jsonPath: ".status.controlledByReplica" + name: "ControllerReplica" + type: "string" - jsonPath: ".status.conditions[?(@.type==\"Failed\")].message" name: "Message" priority: 1 diff --git a/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/fakeclusterinstalls.yaml b/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/fakeclusterinstalls.yaml index 242aa0a4b..7b7810314 100644 --- a/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/fakeclusterinstalls.yaml +++ b/crd-catalog/openshift/hive/hiveinternal.openshift.io/v1alpha1/fakeclusterinstalls.yaml @@ -35,7 +35,7 @@ spec: description: "ClusterDeploymentRef is a reference to the ClusterDeployment associated with this AgentClusterInstall." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" clusterMetadata: @@ -45,7 +45,8 @@ spec: description: "AdminKubeconfigSecretRef references the secret containing the admin kubeconfig for this cluster." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" @@ -53,7 +54,8 @@ spec: description: "AdminPasswordSecretRef references the secret containing the admin username/password which can be used to login to this cluster." properties: name: - description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?" + default: "" + description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" type: "object" x-kubernetes-map-type: "atomic" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml index e8babbf04..98b4e2d1a 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/alertmanagers.yaml @@ -850,11 +850,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -4966,6 +5118,9 @@ spec: description: "Total number of non-terminated pods targeted by this Alertmanager\nobject (their labels match the selector)." format: "int32" type: "integer" + selector: + description: "The selector used to match the pods targeted by this Alertmanager object." + type: "string" unavailableReplicas: description: "Total number of unavailable pods targeted by this Alertmanager object." format: "int32" @@ -4987,4 +5142,8 @@ spec: served: true storage: true subresources: + scale: + labelSelectorPath: ".status.selector" + specReplicasPath: ".spec.replicas" + statusReplicasPath: ".status.replicas" status: {} diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml index 1bff24425..4e7769ceb 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/podmonitors.yaml @@ -298,11 +298,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml index c6cdcc798..ced3b1d96 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/probes.yaml @@ -258,11 +258,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml index 872b7de08..d55107e4f 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/prometheuses.yaml @@ -685,7 +685,7 @@ spec: description: "Defines the settings related to Alertmanager." properties: alertmanagers: - description: "AlertmanagerEndpoints Prometheus should fire alerts against." + description: "Alertmanager endpoints where Prometheus should send alerts to." items: description: "AlertmanagerEndpoints defines a selection of a single Endpoints object\ncontaining Alertmanager IPs to fire alerts against." properties: @@ -3664,11 +3664,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -4084,11 +4236,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -5023,7 +5327,7 @@ spec: description: "ServiceAccountName is the name of the ServiceAccount to use to run the\nPrometheus Pods." type: "string" serviceDiscoveryRole: - description: "Defines the service discovery role used to discover targets from `ServiceMonitor` objects.\nIf set, the value should be either \"Endpoints\" or \"EndpointSlice\".\nIf unset, the operator assumes the \"Endpoints\" role." + description: "Defines the service discovery role used to discover targets from\n`ServiceMonitor` objects and Alertmanager endpoints.\n\n\nIf set, the value should be either \"Endpoints\" or \"EndpointSlice\".\nIf unset, the operator assumes the \"Endpoints\" role." enum: - "Endpoints" - "EndpointSlice" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml index 8298d0918..5ad645e26 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1/servicemonitors.yaml @@ -270,11 +270,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml index ea4635350..b817fc6c1 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/alertmanagerconfigs.yaml @@ -344,11 +344,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -854,11 +1006,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -1227,11 +1531,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -1597,11 +2053,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -1974,11 +2582,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -2420,53 +3180,205 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" - scopes: - description: "`scopes` defines the OAuth2 scopes used for the token request." - items: - type: "string" - type: "array" - tokenUrl: - description: "`tokenURL` configures the URL to fetch the token from." - minLength: 1 + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." type: "string" - required: - - "clientId" - - "clientSecret" - - "tokenUrl" - type: "object" - proxyURL: - description: "Optional proxy URL." - type: "string" - tlsConfig: - description: "TLS configuration for the client." - properties: - ca: - description: "Certificate authority used when verifying server certificates." - properties: - configMap: - description: "ConfigMap containing data to use for the targets." + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." properties: key: - description: "The key to select." + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: default: "" description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: - description: "Specify whether the ConfigMap or its key must be defined" + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" - secret: - description: "Secret containing data to use for the targets." - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" + scopes: + description: "`scopes` defines the OAuth2 scopes used for the token request." + items: + type: "string" + type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" + tokenUrl: + description: "`tokenURL` configures the URL to fetch the token from." + minLength: 1 + type: "string" + required: + - "clientId" + - "clientSecret" + - "tokenUrl" + type: "object" + proxyURL: + description: "Optional proxy URL." + type: "string" + tlsConfig: + description: "TLS configuration for the client." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: default: "" description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" @@ -2749,11 +3661,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -3136,11 +4200,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -3481,11 +4697,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -3792,11 +5160,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -4096,11 +5616,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -4441,11 +6113,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml index 8b409ba57..acdc62362 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/prometheusagents.yaml @@ -3245,11 +3245,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -4093,7 +4245,7 @@ spec: description: "ServiceAccountName is the name of the ServiceAccount to use to run the\nPrometheus Pods." type: "string" serviceDiscoveryRole: - description: "Defines the service discovery role used to discover targets from `ServiceMonitor` objects.\nIf set, the value should be either \"Endpoints\" or \"EndpointSlice\".\nIf unset, the operator assumes the \"Endpoints\" role." + description: "Defines the service discovery role used to discover targets from\n`ServiceMonitor` objects and Alertmanager endpoints.\n\n\nIf set, the value should be either \"Endpoints\" or \"EndpointSlice\".\nIf unset, the operator assumes the \"Endpoints\" role." enum: - "Endpoints" - "EndpointSlice" diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml index 59e5aaeb1..c7e529460 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1alpha1/scrapeconfigs.yaml @@ -177,11 +177,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -627,11 +779,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -944,11 +1248,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -1129,19 +1585,22 @@ spec: type: "array" port: description: "The port number used if the query type is not SRV\nIgnored for SRV records" + format: "int32" + maximum: 65535.0 + minimum: 0.0 type: "integer" refreshInterval: description: "RefreshInterval configures the time after which the provided names are refreshed.\nIf not set, Prometheus uses its default value." pattern: "^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$" type: "string" type: - description: "The type of DNS query to perform. One of SRV, A, AAAA, MX or NS.\nIf not set, Prometheus uses its default value.\n\n\nWhen set to NS, It requires Prometheus >= 2.49.0." + description: "The type of DNS query to perform. One of SRV, A, AAAA, MX or NS.\nIf not set, Prometheus uses its default value.\n\n\nWhen set to NS, it requires Prometheus >= v2.49.0.\nWhen set to MX, it requires Prometheus >= v2.38.0" enum: - - "SRV" - "A" - "AAAA" - "MX" - "NS" + - "SRV" type: "string" required: - "names" @@ -1315,11 +1774,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -1654,11 +2265,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -2057,28 +2820,180 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" - scopes: - description: "`scopes` defines the OAuth2 scopes used for the token request." - items: - type: "string" - type: "array" - tokenUrl: - description: "`tokenURL` configures the URL to fetch the token from." - minLength: 1 + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." type: "string" - required: - - "clientId" - - "clientSecret" - - "tokenUrl" - type: "object" - proxyConnectHeader: - additionalProperties: - items: - description: "SecretKeySelector selects a key of a Secret." - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" + scopes: + description: "`scopes` defines the OAuth2 scopes used for the token request." + items: + type: "string" + type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" + tokenUrl: + description: "`tokenURL` configures the URL to fetch the token from." + minLength: 1 + type: "string" + required: + - "clientId" + - "clientSecret" + - "tokenUrl" + type: "object" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" name: default: "" description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." @@ -2423,11 +3338,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -2858,9 +3925,10 @@ spec: properties: apiServer: description: "The API server address consisting of a hostname or IP address followed\nby an optional port number.\nIf left empty, Prometheus is assumed to run inside\nof the cluster. It will discover API servers automatically and use the pod's\nCA certificate and bearer token file at /var/run/secrets/kubernetes.io/serviceaccount/." + minLength: 1 type: "string" attachMetadata: - description: "Optional metadata to attach to discovered targets.\nIt requires Prometheus >= v2.35.0 for `pod` role and\nPrometheus >= v2.37.0 for `endpoints` and `endpointslice` roles." + description: "Optional metadata to attach to discovered targets.\nIt requires Prometheus >= v2.35.0 when using the `Pod` role and\nPrometheus >= v2.37.0 for `Endpoints` and `Endpointslice` roles." properties: node: description: "Attaches node metadata to discovered targets.\nWhen set to true, Prometheus must have the `get` permission on the\n`Nodes` objects.\nOnly valid for Pod, Endpoint and Endpointslice roles." @@ -2942,8 +4010,9 @@ spec: items: type: "string" type: "array" + x-kubernetes-list-type: "set" ownNamespace: - description: "Includes the namespace in which the Prometheus pod exists to the list of watched namesapces." + description: "Includes the namespace in which the Prometheus pod runs to the list of watched namespaces." type: "boolean" type: "object" noProxy: @@ -3012,11 +4081,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -3057,45 +4278,37 @@ spec: pattern: "^http(s)?://.+$" type: "string" role: - description: "Role of the Kubernetes entities that should be discovered." + description: "Role of the Kubernetes entities that should be discovered.\nRole `Endpointslice` requires Prometheus >= v2.21.0" enum: - - "Node" - - "node" - - "Service" - - "service" - "Pod" - - "pod" - "Endpoints" - - "endpoints" - - "EndpointSlice" - - "endpointslice" - "Ingress" - - "ingress" + - "Service" + - "Node" + - "EndpointSlice" type: "string" selectors: - description: "Selector to select objects." + description: "Selector to select objects.\nIt requires Prometheus >= v2.17.0" items: description: "K8SSelectorConfig is Kubernetes Selector Config" properties: field: + description: "An optional field selector to limit the service discovery to resources which have fields with specific values.\ne.g: `metadata.name=foobar`" + minLength: 1 type: "string" label: + description: "An optional label selector to limit the service discovery to resources with specific labels and label values.\ne.g: `node.kubernetes.io/instance-type=master`" + minLength: 1 type: "string" role: - description: "Role is role of the service in Kubernetes." + description: "Role specifies the type of Kubernetes resource to limit the service discovery to.\nAccepted values are: Node, Pod, Endpoints, EndpointSlice, Service, Ingress." enum: - - "Node" - - "node" - - "Service" - - "service" - "Pod" - - "pod" - "Endpoints" - - "endpoints" - - "EndpointSlice" - - "endpointslice" - "Ingress" - - "ingress" + - "Service" + - "Node" + - "EndpointSlice" type: "string" required: - "role" @@ -3105,7 +4318,7 @@ spec: - "role" x-kubernetes-list-type: "map" tlsConfig: - description: "TLS configuration to use on every scrape request." + description: "TLS configuration to connect to the Kubernetes API." properties: ca: description: "Certificate authority used when verifying server certificates." @@ -3373,11 +4586,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -3720,11 +5085,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -4020,11 +5537,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -4266,6 +5935,235 @@ spec: noProxy: description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." type: "string" + oauth2: + description: "OAuth2 client credentials used to fetch a token for the targets." + properties: + clientId: + description: "`clientId` specifies a key of a Secret or ConfigMap containing the\nOAuth2 client's ID." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + clientSecret: + description: "`clientSecret` specifies a key of a Secret containing the OAuth2\nclient's secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + endpointParams: + additionalProperties: + type: "string" + description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." + type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" + scopes: + description: "`scopes` defines the OAuth2 scopes used for the token request." + items: + type: "string" + type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" + tokenUrl: + description: "`tokenURL` configures the URL to fetch the token from." + minLength: 1 + type: "string" + required: + - "clientId" + - "clientSecret" + - "tokenUrl" + type: "object" openstackSDConfigs: description: "OpenStackSDConfigs defines a list of OpenStack service discovery configurations." items: @@ -4736,11 +6634,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 diff --git a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml index cd36e836e..ddad94e10 100644 --- a/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml +++ b/crd-catalog/prometheus-operator/prometheus-operator/monitoring.coreos.com/v1beta1/alertmanagerconfigs.yaml @@ -266,11 +266,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -768,11 +920,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -1137,11 +1441,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -1508,11 +1964,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -1879,11 +2487,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -2317,53 +3077,205 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" - scopes: - description: "`scopes` defines the OAuth2 scopes used for the token request." - items: - type: "string" - type: "array" - tokenUrl: - description: "`tokenURL` configures the URL to fetch the token from." - minLength: 1 + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." type: "string" - required: - - "clientId" - - "clientSecret" - - "tokenUrl" - type: "object" - proxyURL: - description: "Optional proxy URL." - type: "string" - tlsConfig: - description: "TLS configuration for the client." - properties: - ca: - description: "Certificate authority used when verifying server certificates." - properties: - configMap: - description: "ConfigMap containing data to use for the targets." + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." properties: key: - description: "The key to select." + description: "The key of the secret to select from. Must be a valid secret key." type: "string" name: default: "" description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" optional: - description: "Specify whether the ConfigMap or its key must be defined" + description: "Specify whether the Secret or its key must be defined" type: "boolean" required: - "key" type: "object" x-kubernetes-map-type: "atomic" - secret: - description: "Secret containing data to use for the targets." - properties: - key: - description: "The key of the secret to select from. Must be a valid secret key." - type: "string" - name: + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" + scopes: + description: "`scopes` defines the OAuth2 scopes used for the token request." + items: + type: "string" + type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" + tokenUrl: + description: "`tokenURL` configures the URL to fetch the token from." + minLength: 1 + type: "string" + required: + - "clientId" + - "clientSecret" + - "tokenUrl" + type: "object" + proxyURL: + description: "Optional proxy URL." + type: "string" + tlsConfig: + description: "TLS configuration for the client." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: default: "" description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." type: "string" @@ -2644,11 +3556,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -3027,11 +4091,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -3368,11 +4584,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -3677,11 +5045,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -3979,11 +5499,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 @@ -4318,11 +5990,163 @@ spec: type: "string" description: "`endpointParams` configures the HTTP parameters to append to the token\nURL." type: "object" + noProxy: + description: "`noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names\nthat should be excluded from proxying. IP and domain names can\ncontain port numbers.\n\n\nIt requires Prometheus >= v2.43.0." + type: "string" + proxyConnectHeader: + additionalProperties: + items: + description: "SecretKeySelector selects a key of a Secret." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "array" + description: "ProxyConnectHeader optionally specifies headers to send to\nproxies during CONNECT requests.\n\n\nIt requires Prometheus >= v2.43.0." + type: "object" + x-kubernetes-map-type: "atomic" + proxyFromEnvironment: + description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY).\nIf unset, Prometheus uses its default value.\n\n\nIt requires Prometheus >= v2.43.0." + type: "boolean" + proxyUrl: + description: "`proxyURL` defines the HTTP proxy server to use.\n\n\nIt requires Prometheus >= v2.43.0." + pattern: "^http(s)?://.+$" + type: "string" scopes: description: "`scopes` defines the OAuth2 scopes used for the token request." items: type: "string" type: "array" + tlsConfig: + description: "TLS configuration to use when connecting to the OAuth2 server.\nIt requires Prometheus >= v2.43.0." + properties: + ca: + description: "Certificate authority used when verifying server certificates." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + cert: + description: "Client certificate to present when doing client-authentication." + properties: + configMap: + description: "ConfigMap containing data to use for the targets." + properties: + key: + description: "The key to select." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the ConfigMap or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + secret: + description: "Secret containing data to use for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + type: "object" + insecureSkipVerify: + description: "Disable target certificate validation." + type: "boolean" + keySecret: + description: "Secret containing the client key file for the targets." + properties: + key: + description: "The key of the secret to select from. Must be a valid secret key." + type: "string" + name: + default: "" + description: "Name of the referent.\nThis field is effectively required, but due to backwards compatibility is\nallowed to be empty. Instances of this type with an empty value here are\nalmost certainly wrong.\nTODO: Add other useful fields. apiVersion, kind, uid?\nMore info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names\nTODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896." + type: "string" + optional: + description: "Specify whether the Secret or its key must be defined" + type: "boolean" + required: + - "key" + type: "object" + x-kubernetes-map-type: "atomic" + maxVersion: + description: "Maximum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.41.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + minVersion: + description: "Minimum acceptable TLS version.\n\n\nIt requires Prometheus >= v2.35.0." + enum: + - "TLS10" + - "TLS11" + - "TLS12" + - "TLS13" + type: "string" + serverName: + description: "Used to verify the hostname for the targets." + type: "string" + type: "object" tokenUrl: description: "`tokenURL` configures the URL to fetch the token from." minLength: 1 diff --git a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml index 85dbd7da3..3fe005d77 100644 --- a/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml +++ b/crd-catalog/rook/rook/ceph.rook.io/v1/cephobjectstores.yaml @@ -47,6 +47,41 @@ spec: items: type: "string" type: "array" + auth: + description: "The authentication configuration" + properties: + keystone: + description: "The spec for Keystone" + nullable: true + properties: + acceptedRoles: + description: "The roles requires to serve requests." + items: + type: "string" + type: "array" + implicitTenants: + description: "Create new users in their own tenants of the same name. Possible values are true, false, swift and s3. The latter have the effect of splitting the identity space such that only the indicated protocol will use implicit tenants." + type: "string" + revocationInterval: + description: "The number of seconds between token revocation checks." + nullable: true + type: "integer" + serviceUserSecretName: + description: "The name of the secret containing the credentials for the service user account used by RGW. It has to be in the same namespace as the object store resource." + type: "string" + tokenCacheSize: + description: "The maximum number of entries in each Keystone token cache." + nullable: true + type: "integer" + url: + description: "The URL for the Keystone server." + type: "string" + required: + - "acceptedRoles" + - "serviceUserSecretName" + - "url" + type: "object" + type: "object" dataPool: description: "The data pool settings" nullable: true @@ -1280,6 +1315,40 @@ spec: preservePoolsOnDelete: description: "Preserve pools on object store deletion" type: "boolean" + protocols: + description: "The protocol specification" + properties: + s3: + description: "The spec for S3" + nullable: true + properties: + authUseKeystone: + description: "Whether to use Keystone for authentication. This option maps directly to the rgw_s3_auth_use_keystone option. Enabling it allows generating S3 credentials via an OpenStack API call, see the docs. If not given, the defaults of the corresponding RGW option apply." + nullable: true + type: "boolean" + enabled: + description: "Whether to enable S3. This defaults to true (even if protocols.s3 is not present in the CRD). This maintains backwards compatibility – by default S3 is enabled." + nullable: true + type: "boolean" + type: "object" + swift: + description: "The spec for Swift" + nullable: true + properties: + accountInUrl: + description: "Whether or not the Swift account name should be included in the Swift API URL. If set to false (the default), then the Swift API will listen on a URL formed like http://host:port//v1. If set to true, the Swift API URL will be http://host:port//v1/AUTH_. You must set this option to true (and update the Keystone service catalog) if you want radosgw to support publicly-readable containers and temporary URLs." + nullable: true + type: "boolean" + urlPrefix: + description: "The URL prefix for the Swift API, to distinguish it from the S3 API endpoint. The default is swift, which makes the Swift API available at the URL http://host:port/swift/v1 (or http://host:port/swift/v1/AUTH_%(tenant_id)s if rgw swift account in url is enabled)." + nullable: true + type: "string" + versioningEnabled: + description: "Enables the Object Versioning of OpenStack Object Storage API. This allows clients to put the X-Versions-Location attribute on containers that should be versioned." + nullable: true + type: "boolean" + type: "object" + type: "object" security: description: "Security represents security settings" nullable: true diff --git a/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml b/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml index b7a40e011..283bd44e5 100644 --- a/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml +++ b/crd-catalog/schemahero/schemahero/databases.schemahero.io/v1alpha4/databases.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "databases.databases.schemahero.io" spec: group: "databases.schemahero.io" @@ -31,10 +31,10 @@ spec: description: "Database is the Schema for the databases API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -3612,9 +3612,3 @@ spec: storage: true subresources: status: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml index ebc34e0a6..ab6fa2555 100644 --- a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml +++ b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/datatypes.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "datatypes.schemas.schemahero.io" spec: group: "schemas.schemahero.io" @@ -19,10 +19,10 @@ spec: description: "DataType is the Schema for the datatypes API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -63,9 +63,3 @@ spec: type: "object" served: true storage: true -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml index 0b89f83d9..75ee9f923 100644 --- a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml +++ b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/migrations.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "migrations.schemas.schemahero.io" spec: group: "schemas.schemahero.io" @@ -36,10 +36,10 @@ spec: description: "Migration is the Schema for the migrations API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -93,9 +93,3 @@ spec: served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml index c65763fb6..87e79d058 100644 --- a/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml +++ b/crd-catalog/schemahero/schemahero/schemas.schemahero.io/v1alpha4/tables.yaml @@ -2,7 +2,7 @@ apiVersion: "apiextensions.k8s.io/v1" kind: "CustomResourceDefinition" metadata: annotations: - controller-gen.kubebuilder.io/version: "v0.7.0" + controller-gen.kubebuilder.io/version: "v0.14.0" name: "tables.schemas.schemahero.io" spec: group: "schemas.schemahero.io" @@ -33,10 +33,10 @@ spec: description: "Table is the Schema for the tables API" properties: apiVersion: - description: "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" + description: "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources" type: "string" kind: - description: "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" + description: "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds" type: "string" metadata: type: "object" @@ -774,16 +774,10 @@ spec: description: "TableStatus defines the observed state of Table" properties: lastPlannedTableSpecSHA: - description: "We store the SHA of the table spec from the last time we executed a plan to make startup less noisy by skipping re-planning objects that have been planned we cannot use the resourceVersion or generation fields because updating them would cause the object to be modified again" + description: "We store the SHA of the table spec from the last time we executed a plan to\nmake startup less noisy by skipping re-planning objects that have been planned\nwe cannot use the resourceVersion or generation fields because updating them\nwould cause the object to be modified again" type: "string" type: "object" type: "object" served: true storage: true subresources: {} -status: - acceptedNames: - kind: "" - plural: "" - conditions: [] - storedVersions: [] diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml index 7ff92b55d..e3795741d 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/gateways.yaml @@ -366,6 +366,9 @@ spec: items: type: "string" type: "array" + oneWayTls: + nullable: true + type: "boolean" parameters: properties: cipherSuites: @@ -2291,6 +2294,9 @@ spec: items: type: "string" type: "array" + oneWayTls: + nullable: true + type: "boolean" parameters: properties: cipherSuites: diff --git a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml index 620730eea..8d7ef0fc8 100644 --- a/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml +++ b/crd-catalog/solo-io/gloo/gateway.solo.io/v1/httpgateways.yaml @@ -360,6 +360,9 @@ spec: items: type: "string" type: "array" + oneWayTls: + nullable: true + type: "boolean" parameters: properties: cipherSuites: diff --git a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml index 5b96c2406..f236e53d7 100644 --- a/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml +++ b/crd-catalog/solo-io/gloo/gloo.solo.io/v1/upstreams.yaml @@ -565,6 +565,9 @@ spec: items: type: "string" type: "array" + oneWayTls: + nullable: true + type: "boolean" parameters: properties: cipherSuites: @@ -860,6 +863,9 @@ spec: items: type: "string" type: "array" + oneWayTls: + nullable: true + type: "boolean" parameters: properties: cipherSuites: @@ -1531,6 +1537,9 @@ spec: items: type: "string" type: "array" + oneWayTls: + nullable: true + type: "boolean" parameters: properties: cipherSuites: diff --git a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml index 145ce1a54..64244cdbe 100644 --- a/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml +++ b/crd-catalog/traefik/traefik/traefik.io/v1alpha1/middlewares.yaml @@ -123,11 +123,16 @@ spec: type: "integer" type: "object" compress: - description: "Compress holds the compress middleware configuration.\nThis middleware compresses responses before sending them to the client, using gzip compression.\nMore info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/" + description: "Compress holds the compress middleware configuration.\nThis middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression.\nMore info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/" properties: defaultEncoding: description: "DefaultEncoding specifies the default encoding if the `Accept-Encoding` header is not in the request or contains a wildcard (`*`)." type: "string" + encodings: + description: "Encodings defines the list of supported compression algorithms." + items: + type: "string" + type: "array" excludedContentTypes: description: "ExcludedContentTypes defines the list of content types to compare the Content-Type header of the incoming requests and responses before compressing.\n`application/grpc` is always excluded." items: diff --git a/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs b/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs index 7866f6edb..eaa713d5f 100644 --- a/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs +++ b/kube-custom-resources-rs/src/acme_cert_manager_io/v1/challenges.rs @@ -614,151 +614,1092 @@ pub struct ChallengeSolverHttp01GatewayHttpRoute { /// https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentRefs")] pub parent_refs: Option>, + /// Optional pod template used to configure the ACME challenge solver pods + /// used for HTTP01 challenges. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplate")] + pub pod_template: Option, /// Optional service type for Kubernetes solver service. Supported values /// are NodePort or ClusterIP. If unset, defaults to NodePort. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] pub service_type: Option, } -/// ParentReference identifies an API object (usually a Gateway) that can be considered -/// a parent of this resource (usually a route). There are two kinds of parent resources -/// with "Core" support: -/// -/// -/// * Gateway (Gateway conformance profile) -/// * Service (Mesh conformance profile, ClusterIP Services only) -/// -/// -/// This API may be extended in the future to support additional kinds of parent -/// resources. -/// -/// -/// The API object must be valid in the cluster; the Group and Kind must -/// be registered in the cluster for this reference to be valid. +/// ParentReference identifies an API object (usually a Gateway) that can be considered +/// a parent of this resource (usually a route). There are two kinds of parent resources +/// with "Core" support: +/// +/// +/// * Gateway (Gateway conformance profile) +/// * Service (Mesh conformance profile, ClusterIP Services only) +/// +/// +/// This API may be extended in the future to support additional kinds of parent +/// resources. +/// +/// +/// The API object must be valid in the cluster; the Group and Kind must +/// be registered in the cluster for this reference to be valid. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRouteParentRefs { + /// Group is the group of the referent. + /// When unspecified, "gateway.networking.k8s.io" is inferred. + /// To set the core API group (such as for a "Service" kind referent), + /// Group must be explicitly set to "" (empty string). + /// + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Kind is kind of the referent. + /// + /// + /// There are two kinds of parent resources with "Core" support: + /// + /// + /// * Gateway (Gateway conformance profile) + /// * Service (Mesh conformance profile, ClusterIP Services only) + /// + /// + /// Support for other resources is Implementation-Specific. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name is the name of the referent. + /// + /// + /// Support: Core + pub name: String, + /// Namespace is the namespace of the referent. When unspecified, this refers + /// to the local namespace of the Route. + /// + /// + /// Note that there are specific rules for ParentRefs which cross namespace + /// boundaries. Cross-namespace references are only valid if they are explicitly + /// allowed by something in the namespace they are referring to. For example: + /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a + /// generic way to enable any other kind of cross-namespace reference. + /// + /// + /// + /// ParentRefs from a Route to a Service in the same namespace are "producer" + /// routes, which apply default routing rules to inbound connections from + /// any namespace to the Service. + /// + /// + /// ParentRefs from a Route to a Service in a different namespace are + /// "consumer" routes, and these routing rules are only applied to outbound + /// connections originating from the same namespace as the Route, for which + /// the intended destination of the connections are a Service targeted as a + /// ParentRef of the Route. + /// + /// + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Port is the network port this Route targets. It can be interpreted + /// differently based on the type of parent resource. + /// + /// + /// When the parent resource is a Gateway, this targets all listeners + /// listening on the specified port that also support this kind of Route(and + /// select this Route). It's not recommended to set `Port` unless the + /// networking behaviors specified in a Route must apply to a specific port + /// as opposed to a listener(s) whose port(s) may be changed. When both Port + /// and SectionName are specified, the name and port of the selected listener + /// must match both specified values. + /// + /// + /// + /// When the parent resource is a Service, this targets a specific port in the + /// Service spec. When both Port (experimental) and SectionName are specified, + /// the name and port of the selected port must match both specified values. + /// + /// + /// + /// Implementations MAY choose to support other parent resources. + /// Implementations supporting other types of parent resources MUST clearly + /// document how/if Port is interpreted. + /// + /// + /// For the purpose of status, an attachment is considered successful as + /// long as the parent resource accepts it partially. For example, Gateway + /// listeners can restrict which Routes can attach to them by Route kind, + /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment + /// from the referencing Route, the Route MUST be considered successfully + /// attached. If no Gateway listeners accept attachment from this Route, + /// the Route MUST be considered detached from the Gateway. + /// + /// + /// Support: Extended + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// SectionName is the name of a section within the target resource. In the + /// following resources, SectionName is interpreted as the following: + /// + /// + /// * Gateway: Listener name. When both Port (experimental) and SectionName + /// are specified, the name and port of the selected listener must match + /// both specified values. + /// * Service: Port name. When both Port (experimental) and SectionName + /// are specified, the name and port of the selected listener must match + /// both specified values. + /// + /// + /// Implementations MAY choose to support attaching Routes to other resources. + /// If that is the case, they MUST clearly document how SectionName is + /// interpreted. + /// + /// + /// When unspecified (empty string), this will reference the entire resource. + /// For the purpose of status, an attachment is considered successful if at + /// least one section in the parent resource accepts it. For example, Gateway + /// listeners can restrict which Routes can attach to them by Route kind, + /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from + /// the referencing Route, the Route MUST be considered successfully + /// attached. If no Gateway listeners accept attachment from this Route, the + /// Route MUST be considered detached from the Gateway. + /// + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")] + pub section_name: Option, +} + +/// Optional pod template used to configure the ACME challenge solver pods +/// used for HTTP01 challenges. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplate { + /// ObjectMeta overrides for the pod used to solve HTTP01 challenges. + /// Only the 'labels' and 'annotations' fields may be set. + /// If labels or annotations overlap with in-built values, the values here + /// will override the in-built values. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metadata: Option, + /// PodSpec defines overrides for the HTTP01 challenge solver pod. + /// Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. + /// All other fields will be ignored. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spec: Option, +} + +/// ObjectMeta overrides for the pod used to solve HTTP01 challenges. +/// Only the 'labels' and 'annotations' fields may be set. +/// If labels or annotations overlap with in-built values, the values here +/// will override the in-built values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateMetadata { + /// Annotations that should be added to the create ACME HTTP01 solver pods. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Labels that should be added to the created ACME HTTP01 solver pods. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, +} + +/// PodSpec defines overrides for the HTTP01 challenge solver pod. +/// Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. +/// All other fields will be ignored. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpec { + /// If specified, the pod's scheduling constraints + #[serde(default, skip_serializing_if = "Option::is_none")] + pub affinity: Option, + /// If specified, the pod's imagePullSecrets + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, + /// NodeSelector is a selector which must be true for the pod to fit on a node. + /// Selector which must match a node's labels for the pod to be scheduled on that node. + /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// If specified, the pod's priorityClassName. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] + pub priority_class_name: Option, + /// If specified, the pod's security context + #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] + pub security_context: Option, + /// If specified, the pod's service account + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] + pub service_account_name: Option, + /// If specified, the pod's tolerations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, +} + +/// If specified, the pod's scheduling constraints +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, +} + +/// Describes node affinity scheduling rules for the pod. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, +} + +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, +} + +/// A node selector term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, +} + +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ChallengeSolverHttp01GatewayHttpRouteParentRefs { - /// Group is the group of the referent. - /// When unspecified, "gateway.networking.k8s.io" is inferred. - /// To set the core API group (such as for a "Service" kind referent), - /// Group must be explicitly set to "" (empty string). - /// - /// - /// Support: Core +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub group: Option, - /// Kind is kind of the referent. - /// - /// - /// There are two kinds of parent resources with "Core" support: + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecImagePullSecrets { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// If specified, the pod's security context +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: /// /// - /// * Gateway (Gateway conformance profile) - /// * Service (Mesh conformance profile, ClusterIP Services only) + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- /// /// - /// Support for other resources is Implementation-Specific. + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] + pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] + pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] + pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] + pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] + pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] + pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] + pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] + pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sysctls: Option>, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, - /// Name is the name of the referent. + pub role: Option, + /// Type is a SELinux type label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, + /// User is a SELinux user label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, +} + +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: /// /// - /// Support: Core + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, +} + +/// Sysctl defines a kernel parameter to be set +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecSecurityContextSysctls { + /// Name of a property to set pub name: String, - /// Namespace is the namespace of the referent. When unspecified, this refers - /// to the local namespace of the Route. - /// - /// - /// Note that there are specific rules for ParentRefs which cross namespace - /// boundaries. Cross-namespace references are only valid if they are explicitly - /// allowed by something in the namespace they are referring to. For example: - /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a - /// generic way to enable any other kind of cross-namespace reference. - /// - /// - /// - /// ParentRefs from a Route to a Service in the same namespace are "producer" - /// routes, which apply default routing rules to inbound connections from - /// any namespace to the Service. - /// - /// - /// ParentRefs from a Route to a Service in a different namespace are - /// "consumer" routes, and these routing rules are only applied to outbound - /// connections originating from the same namespace as the Route, for which - /// the intended destination of the connections are a Service targeted as a - /// ParentRef of the Route. - /// - /// - /// - /// Support: Core + /// Value of a property to set + pub value: String, +} + +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01GatewayHttpRoutePodTemplateSpecTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, - /// Port is the network port this Route targets. It can be interpreted - /// differently based on the type of parent resource. - /// - /// - /// When the parent resource is a Gateway, this targets all listeners - /// listening on the specified port that also support this kind of Route(and - /// select this Route). It's not recommended to set `Port` unless the - /// networking behaviors specified in a Route must apply to a specific port - /// as opposed to a listener(s) whose port(s) may be changed. When both Port - /// and SectionName are specified, the name and port of the selected listener - /// must match both specified values. - /// - /// - /// - /// When the parent resource is a Service, this targets a specific port in the - /// Service spec. When both Port (experimental) and SectionName are specified, - /// the name and port of the selected port must match both specified values. - /// - /// - /// - /// Implementations MAY choose to support other parent resources. - /// Implementations supporting other types of parent resources MUST clearly - /// document how/if Port is interpreted. - /// - /// - /// For the purpose of status, an attachment is considered successful as - /// long as the parent resource accepts it partially. For example, Gateway - /// listeners can restrict which Routes can attach to them by Route kind, - /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - /// from the referencing Route, the Route MUST be considered successfully - /// attached. If no Gateway listeners accept attachment from this Route, - /// the Route MUST be considered detached from the Gateway. - /// - /// - /// Support: Extended + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, - /// SectionName is the name of a section within the target resource. In the - /// following resources, SectionName is interpreted as the following: - /// - /// - /// * Gateway: Listener name. When both Port (experimental) and SectionName - /// are specified, the name and port of the selected listener must match - /// both specified values. - /// * Service: Port name. When both Port (experimental) and SectionName - /// are specified, the name and port of the selected listener must match - /// both specified values. - /// - /// - /// Implementations MAY choose to support attaching Routes to other resources. - /// If that is the case, they MUST clearly document how SectionName is - /// interpreted. - /// - /// - /// When unspecified (empty string), this will reference the entire resource. - /// For the purpose of status, an attachment is considered successful if at - /// least one section in the parent resource accepts it. For example, Gateway - /// listeners can restrict which Routes can attach to them by Route kind, - /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - /// the referencing Route, the Route MUST be considered successfully - /// attached. If no Gateway listeners accept attachment from this Route, the - /// Route MUST be considered detached from the Gateway. - /// - /// - /// Support: Core - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")] - pub section_name: Option, + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, } /// The ingress based HTTP01 challenge solver will solve challenges by @@ -877,6 +1818,9 @@ pub struct ChallengeSolverHttp01IngressPodTemplateSpec { /// If specified, the pod's priorityClassName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, + /// If specified, the pod's security context + #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] + pub security_context: Option, /// If specified, the pod's service account #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, @@ -1601,6 +2545,136 @@ pub struct ChallengeSolverHttp01IngressPodTemplateSpecImagePullSecrets { pub name: Option, } +/// If specified, the pod's security context +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01IngressPodTemplateSpecSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] + pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] + pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] + pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] + pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] + pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] + pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] + pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] + pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sysctls: Option>, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01IngressPodTemplateSpecSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub level: Option, + /// Role is a SELinux role label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub role: Option, + /// Type is a SELinux type label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, + /// User is a SELinux user label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, +} + +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01IngressPodTemplateSpecSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, +} + +/// Sysctl defines a kernel parameter to be set +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ChallengeSolverHttp01IngressPodTemplateSpecSecurityContextSysctls { + /// Name of a property to set + pub name: String, + /// Value of a property to set + pub value: String, +} + /// The pod this Toleration is attached to tolerates any taint that matches /// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorityactivations.rs b/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorityactivations.rs index 733f8de69..17d04352a 100644 --- a/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorityactivations.rs +++ b/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificateauthorityactivations.rs @@ -84,6 +84,8 @@ pub struct CertificateAuthorityActivationCertificateAuthorityRef { pub struct CertificateAuthorityActivationCertificateAuthorityRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// SecretKeyReference combines a k8s corev1.SecretReference with a diff --git a/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificates.rs b/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificates.rs index 873ebfab0..c8c9140d3 100644 --- a/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificates.rs +++ b/kube-custom-resources-rs/src/acmpca_services_k8s_aws/v1alpha1/certificates.rs @@ -428,6 +428,8 @@ pub struct CertificateCertificateAuthorityRef { pub struct CertificateCertificateAuthorityRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -452,6 +454,8 @@ pub struct CertificateCertificateSigningRequestRef { pub struct CertificateCertificateSigningRequestRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Information describing the end of the validity period of the certificate. diff --git a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/bundles.rs b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/bundles.rs index c44e19c37..2992f621d 100644 --- a/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/bundles.rs +++ b/kube-custom-resources-rs/src/anywhere_eks_amazonaws_com/v1alpha1/bundles.rs @@ -3181,6 +3181,10 @@ pub struct BundlesVersionsBundlesTinkerbellTinkerbellStackTink { pub nginx: BundlesVersionsBundlesTinkerbellTinkerbellStackTinkNginx, #[serde(rename = "tinkController")] pub tink_controller: BundlesVersionsBundlesTinkerbellTinkerbellStackTinkTinkController, + #[serde(rename = "tinkRelay")] + pub tink_relay: BundlesVersionsBundlesTinkerbellTinkerbellStackTinkTinkRelay, + #[serde(rename = "tinkRelayInit")] + pub tink_relay_init: BundlesVersionsBundlesTinkerbellTinkerbellStackTinkTinkRelayInit, #[serde(rename = "tinkServer")] pub tink_server: BundlesVersionsBundlesTinkerbellTinkerbellStackTinkTinkServer, #[serde(rename = "tinkWorker")] @@ -3255,6 +3259,74 @@ pub enum BundlesVersionsBundlesTinkerbellTinkerbellStackTinkTinkControllerOs { Windows, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BundlesVersionsBundlesTinkerbellTinkerbellStackTinkTinkRelay { + /// Architectures of the asset + #[serde(default, skip_serializing_if = "Option::is_none")] + pub arch: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub description: Option, + /// The SHA256 digest of the image manifest + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageDigest")] + pub image_digest: Option, + /// The asset name + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Operating system of the asset + #[serde(default, skip_serializing_if = "Option::is_none")] + pub os: Option, + /// Name of the OS like ubuntu, bottlerocket + #[serde(default, skip_serializing_if = "Option::is_none", rename = "osName")] + pub os_name: Option, + /// The image repository, name, and tag + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uri: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum BundlesVersionsBundlesTinkerbellTinkerbellStackTinkTinkRelayOs { + #[serde(rename = "linux")] + Linux, + #[serde(rename = "darwin")] + Darwin, + #[serde(rename = "windows")] + Windows, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BundlesVersionsBundlesTinkerbellTinkerbellStackTinkTinkRelayInit { + /// Architectures of the asset + #[serde(default, skip_serializing_if = "Option::is_none")] + pub arch: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub description: Option, + /// The SHA256 digest of the image manifest + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageDigest")] + pub image_digest: Option, + /// The asset name + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Operating system of the asset + #[serde(default, skip_serializing_if = "Option::is_none")] + pub os: Option, + /// Name of the OS like ubuntu, bottlerocket + #[serde(default, skip_serializing_if = "Option::is_none", rename = "osName")] + pub os_name: Option, + /// The image repository, name, and tag + #[serde(default, skip_serializing_if = "Option::is_none")] + pub uri: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum BundlesVersionsBundlesTinkerbellTinkerbellStackTinkTinkRelayInitOs { + #[serde(rename = "linux")] + Linux, + #[serde(rename = "darwin")] + Darwin, + #[serde(rename = "windows")] + Windows, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BundlesVersionsBundlesTinkerbellTinkerbellStackTinkTinkServer { /// Architectures of the asset diff --git a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/authorizers.rs b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/authorizers.rs index 4f540b15e..0a32f794d 100644 --- a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/authorizers.rs +++ b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/authorizers.rs @@ -79,6 +79,8 @@ pub struct AuthorizerApiRef { pub struct AuthorizerApiRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Represents the configuration of a JWT authorizer. Required for the JWT authorizer diff --git a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/deployments.rs b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/deployments.rs index 3f52b5dc8..4a3562565 100644 --- a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/deployments.rs +++ b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/deployments.rs @@ -63,6 +63,8 @@ pub struct DeploymentApiRef { pub struct DeploymentApiRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// DeploymentStatus defines the observed state of Deployment diff --git a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/routes.rs b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/routes.rs index 09737484c..e3bb851d0 100644 --- a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/routes.rs +++ b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/routes.rs @@ -101,6 +101,8 @@ pub struct RouteApiRef { pub struct RouteApiRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -125,6 +127,8 @@ pub struct RouteAuthorizerRef { pub struct RouteAuthorizerRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -155,6 +159,8 @@ pub struct RouteTargetRef { pub struct RouteTargetRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// RouteStatus defines the observed state of Route diff --git a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/stages.rs b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/stages.rs index ffb59e81c..69f0a8dc2 100644 --- a/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/stages.rs +++ b/kube-custom-resources-rs/src/apigatewayv2_services_k8s_aws/v1alpha1/stages.rs @@ -102,6 +102,8 @@ pub struct StageApiRef { pub struct StageApiRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Represents a collection of route settings. @@ -142,6 +144,8 @@ pub struct StageDeploymentRef { pub struct StageDeploymentRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/backuppolicytemplates.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/backuppolicytemplates.rs index e8579dd71..1169faa56 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/backuppolicytemplates.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/backuppolicytemplates.rs @@ -22,11 +22,6 @@ pub struct BackupPolicyTemplateSpec { /// or to a group of ComponentDefinitions that are different versions of definitions of the same component. #[serde(rename = "backupPolicies")] pub backup_policies: Vec, - /// Specifies the name of a ClusterDefinition. - /// This is an immutable attribute that cannot be changed after creation. - /// And this field is deprecated since v0.9, consider using the ComponentDef instead. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterDefinitionRef")] - pub cluster_definition_ref: Option, /// Specifies a unique identifier for the BackupPolicyTemplate. /// /// @@ -49,15 +44,6 @@ pub struct BackupPolicyTemplateBackupPolicies { /// Defines an array of BackupMethods to be used. #[serde(rename = "backupMethods")] pub backup_methods: Vec, - /// Specifies the name of ClusterComponentDefinition defined in the ClusterDefinition. - /// Must comply with the IANA Service Naming rule. - /// - /// - /// Deprecated since v0.9, should use `componentDefs` instead. - /// This field is maintained for backward compatibility and its use is discouraged. - /// Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "componentDefRef")] - pub component_def_ref: Option, /// Specifies a list of names of ComponentDefinitions that the specified ClusterDefinition references. /// They should be different versions of definitions of the same component, /// thus allowing them to share a single BackupPolicy. @@ -308,19 +294,15 @@ pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTarget { /// If `backupPolicy.componentDefs` is set, this field is required to specify the system account name. /// This account must match one listed in `componentDefinition.spec.systemAccounts[*].name`. /// The corresponding secret created by this account is used to connect to the database. - /// - /// - /// If `backupPolicy.componentDefRef` (a legacy and deprecated API) is set, the secret defined in - /// `clusterDefinition.spec.ConnectionCredential` is used instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub account: Option, /// Specifies the connection credential to connect to the target database cluster. #[serde(default, skip_serializing_if = "Option::is_none", rename = "connectionCredential")] pub connection_credential: Option, - /// Specifies the keys of the connection credential secret defined in `clusterDefinition.spec.ConnectionCredential`. - /// It will be ignored when the `account` is set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "connectionCredentialKey")] - pub connection_credential_key: Option, + /// Specifies the fallback role to select one replica for backup, this only takes effect when the + /// `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackRole")] + pub fallback_role: Option, /// Specifies a mandatory and unique identifier for each target when using the "targets" field. /// The backup data for the current target is stored in a uniquely named subdirectory. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -379,29 +361,13 @@ pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTargetConnectionCreden pub username_key: Option, } -/// Specifies the keys of the connection credential secret defined in `clusterDefinition.spec.ConnectionCredential`. -/// It will be ignored when the `account` is set. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTargetConnectionCredentialKey { - /// Defines the key of the host in the connection credential secret. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostKey")] - pub host_key: Option, - /// Represents the key of the password in the connection credential secret. - /// If not specified, the default key "password" is used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "passwordKey")] - pub password_key: Option, - /// Indicates map key of the port in the connection credential secret. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "portKey")] - pub port_key: Option, - /// Represents the key of the username in the connection credential secret. - /// If not specified, the default key "username" is used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "usernameKey")] - pub username_key: Option, -} - /// Used to find the target pod. The volumes of the target pod will be backed up. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTargetPodSelector { + /// fallbackLabelSelector is used to filter available pods when the labelSelector fails. + /// This only takes effect when the `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackLabelSelector")] + pub fallback_label_selector: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, @@ -421,6 +387,37 @@ pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTargetPodSelector { pub strategy: Option, } +/// fallbackLabelSelector is used to filter available pods when the labelSelector fails. +/// This only takes effect when the `strategy` field below is set to `Any`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTargetPodSelectorFallbackLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTargetPodSelectorFallbackLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -590,6 +587,10 @@ pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTargetsConnectionCrede /// Used to find the target pod. The volumes of the target pod will be backed up. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTargetsPodSelector { + /// fallbackLabelSelector is used to filter available pods when the labelSelector fails. + /// This only takes effect when the `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackLabelSelector")] + pub fallback_label_selector: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, @@ -609,6 +610,37 @@ pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTargetsPodSelector { pub strategy: Option, } +/// fallbackLabelSelector is used to filter available pods when the labelSelector fails. +/// This only takes effect when the `strategy` field below is set to `Any`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTargetsPodSelectorFallbackLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyTemplateBackupPoliciesBackupMethodsTargetsPodSelectorFallbackLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -720,16 +752,12 @@ pub struct BackupPolicyTemplateBackupPoliciesTarget { /// If `backupPolicy.componentDefs` is set, this field is required to specify the system account name. /// This account must match one listed in `componentDefinition.spec.systemAccounts[*].name`. /// The corresponding secret created by this account is used to connect to the database. - /// - /// - /// If `backupPolicy.componentDefRef` (a legacy and deprecated API) is set, the secret defined in - /// `clusterDefinition.spec.ConnectionCredential` is used instead. #[serde(default, skip_serializing_if = "Option::is_none")] pub account: Option, - /// Specifies the keys of the connection credential secret defined in `clusterDefinition.spec.ConnectionCredential`. - /// It will be ignored when the `account` is set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "connectionCredentialKey")] - pub connection_credential_key: Option, + /// Specifies the fallback role to select one replica for backup, this only takes effect when the + /// `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackRole")] + pub fallback_role: Option, /// Specifies the role to select one or more replicas for backup. /// /// @@ -753,26 +781,6 @@ pub struct BackupPolicyTemplateBackupPoliciesTarget { pub strategy: Option, } -/// Specifies the keys of the connection credential secret defined in `clusterDefinition.spec.ConnectionCredential`. -/// It will be ignored when the `account` is set. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct BackupPolicyTemplateBackupPoliciesTargetConnectionCredentialKey { - /// Defines the key of the host in the connection credential secret. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostKey")] - pub host_key: Option, - /// Represents the key of the password in the connection credential secret. - /// If not specified, the default key "password" is used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "passwordKey")] - pub password_key: Option, - /// Indicates map key of the port in the connection credential secret. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "portKey")] - pub port_key: Option, - /// Represents the key of the username in the connection credential secret. - /// If not specified, the default key "username" is used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "usernameKey")] - pub username_key: Option, -} - /// Defines the selection criteria of instance to be backed up, and the connection credential to be used /// during the backup process. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs index bf1838e3e..3eb1953df 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusterdefinitions.rs @@ -6,8 +6,6 @@ mod prelude { pub use kube::CustomResource; pub use serde::{Serialize, Deserialize}; - pub use std::collections::BTreeMap; - pub use k8s_openapi::apimachinery::pkg::util::intstr::IntOrString; } use self::prelude::*; @@ -19,8215 +17,11 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct ClusterDefinitionSpec { - /// Provides the definitions for the cluster components. - /// - /// - /// Deprecated since v0.9. - /// Components should now be individually defined using ComponentDefinition and - /// collectively referenced via `topology.components`. - /// This field is maintained for backward compatibility and its use is discouraged. - /// Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "componentDefs")] - pub component_defs: Option>, - /// Connection credential template used for creating a connection credential secret for cluster objects. - /// - /// - /// Built-in objects are: - /// - /// - /// - `$(RANDOM_PASSWD)` random 8 characters. - /// - `$(STRONG_RANDOM_PASSWD)` random 16 characters, with mixed cases, digits and symbols. - /// - `$(UUID)` generate a random UUID v4 string. - /// - `$(UUID_B64)` generate a random UUID v4 BASE64 encoded string. - /// - `$(UUID_STR_B64)` generate a random UUID v4 string then BASE64 encoded. - /// - `$(UUID_HEX)` generate a random UUID v4 HEX representation. - /// - `$(HEADLESS_SVC_FQDN)` headless service FQDN placeholder, value pattern is `$(CLUSTER_NAME)-$(1ST_COMP_NAME)-headless.$(NAMESPACE).svc`, - /// where 1ST_COMP_NAME is the 1st component that provide `ClusterDefinition.spec.componentDefs[].service` attribute; - /// - `$(SVC_FQDN)` service FQDN placeholder, value pattern is `$(CLUSTER_NAME)-$(1ST_COMP_NAME).$(NAMESPACE).svc`, - /// where 1ST_COMP_NAME is the 1st component that provide `ClusterDefinition.spec.componentDefs[].service` attribute; - /// - `$(SVC_PORT_{PORT-NAME})` is ServicePort's port value with specified port name, i.e, a servicePort JSON struct: - /// `{"name": "mysql", "targetPort": "mysqlContainerPort", "port": 3306}`, and `$(SVC_PORT_mysql)` in the - /// connection credential value is 3306. - /// - /// - /// Deprecated since v0.9. - /// This field is maintained for backward compatibility and its use is discouraged. - /// Existing usage should be updated to the current preferred approach to avoid compatibility issues in future releases. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "connectionCredential")] - pub connection_credential: Option>, /// Topologies defines all possible topologies within the cluster. #[serde(default, skip_serializing_if = "Option::is_none")] pub topologies: Option>, } -/// ClusterComponentDefinition defines a Component within a ClusterDefinition but is deprecated and -/// has been replaced by ComponentDefinition. -/// -/// -/// Deprecated: Use ComponentDefinition instead. This type is deprecated as of version 0.8. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ClusterDefinitionComponentDefs { - /// Defines well-known database component name, such as mongos(mongodb), proxy(redis), mariadb(mysql). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "characterType")] - pub character_type: Option, - /// Used to inject values from other components into the current component. Values will be saved and updated in a - /// configmap and mounted to the current component. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "componentDefRef")] - pub component_def_ref: Option>, - /// Defines the template of configurations. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configSpecs")] - pub config_specs: Option>, - /// Defines spec for `Consensus` workloads. It's required if the workload type is `Consensus`. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "consensusSpec")] - pub consensus_spec: Option, - /// Defines the behavior of horizontal scale. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "horizontalScalePolicy")] - pub horizontal_scale_policy: Option, - /// Specify the logging files which can be observed and configured by cluster users. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "logConfigs")] - pub log_configs: Option>, - /// This name could be used as default name of `cluster.spec.componentSpecs.name`, and needs to conform with same - /// validation rules as `cluster.spec.componentSpecs.name`, currently complying with IANA Service Naming rule. - /// This name will apply to cluster objects as the value of label "apps.kubeblocks.io/component-name". - pub name: String, - /// Defines the pod spec template of component. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSpec")] - pub pod_spec: Option, - /// Defines the command to be executed when the component is ready, and the command will only be executed once after - /// the component becomes ready. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStartSpec")] - pub post_start_spec: Option, - /// Settings for health checks. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub probes: Option, - /// Defines spec for `Replication` workloads. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "replicationSpec")] - pub replication_spec: Option, - /// Defines workload spec of this component. - /// From KB 0.7.0, RSM(InstanceSetSpec) will be the underlying CR which powers all kinds of workload in KB. - /// RSM is an enhanced stateful workload extension dedicated for heavy-state workloads like databases. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "rsmSpec")] - pub rsm_spec: Option, - /// Defines the template of scripts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scriptSpecs")] - pub script_specs: Option>, - /// Defines the service spec. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, - /// Used to declare the service reference of the current component. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceRefDeclarations")] - pub service_ref_declarations: Option>, - /// Defines spec for `Stateful` workloads. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "statefulSpec")] - pub stateful_spec: Option, - /// Defines spec for `Stateless` workloads. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "statelessSpec")] - pub stateless_spec: Option, - /// Defines command to do switchover. - /// In particular, when workloadType=Replication, the command defined in switchoverSpec will only be executed under - /// the condition of cluster.componentSpecs[x].SwitchPolicy.type=Noop. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "switchoverSpec")] - pub switchover_spec: Option, - /// Defines system accounts needed to manage the component, and the statement to create them. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "systemAccounts")] - pub system_accounts: Option, - /// Defines settings to do volume protect. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeProtectionSpec")] - pub volume_protection_spec: Option, - /// Used to describe the purpose of the volumes mapping the name of the VolumeMounts in the PodSpec.Container field, - /// such as data volume, log volume, etc. When backing up the volume, the volume can be correctly backed up according - /// to the volumeType. - /// - /// - /// For example: - /// - /// - /// - `name: data, type: data` means that the volume named `data` is used to store `data`. - /// - `name: binlog, type: log` means that the volume named `binlog` is used to store `log`. - /// - /// - /// NOTE: When volumeTypes is not defined, the backup function will not be supported, even if a persistent volume has - /// been specified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeTypes")] - pub volume_types: Option>, - /// Defines the type of the workload. - /// - /// - /// - `Stateless` describes stateless applications. - /// - `Stateful` describes common stateful applications. - /// - `Consensus` describes applications based on consensus protocols, such as raft and paxos. - /// - `Replication` describes applications based on the primary-secondary data replication protocol. - #[serde(rename = "workloadType")] - pub workload_type: ClusterDefinitionComponentDefsWorkloadType, -} - -/// ComponentDefRef is used to select the component and its fields to be referenced. -/// -/// -/// Deprecated since v0.8. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsComponentDefRef { - /// The name of the componentDef to be selected. - #[serde(rename = "componentDefName")] - pub component_def_name: String, - /// The values that are to be injected as environment variables into each component. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "componentRefEnv")] - pub component_ref_env: Option>, - /// Defines the policy to be followed in case of a failure in finding the component. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failurePolicy")] - pub failure_policy: Option, -} - -/// ComponentRefEnv specifies name and value of an env. -/// -/// -/// Deprecated since v0.8. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsComponentDefRefComponentRefEnv { - /// The name of the env, it must be a C identifier. - pub name: String, - /// The value of the env. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// The source from which the value of the env. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// The source from which the value of the env. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsComponentDefRefComponentRefEnvValueFrom { - /// The jsonpath of the source to select when the Type is `FieldRef`. - /// Two objects are registered in the jsonpath: `componentDef` and `components`: - /// - /// - /// - `componentDef` is the component definition object specified in `componentRef.componentDefName`. - /// - `components` are the component list objects referring to the component definition object. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldPath")] - pub field_path: Option, - /// Defines the format of each headless service address. - /// Three builtin variables can be used as placeholders: `$POD_ORDINAL`, `$POD_FQDN`, `$POD_NAME` - /// - /// - /// - `$POD_ORDINAL` represents the ordinal of the pod. - /// - `$POD_FQDN` represents the fully qualified domain name of the pod. - /// - `$POD_NAME` represents the name of the pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub format: Option, - /// The string used to join the values of headless service addresses. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "joinWith")] - pub join_with: Option, - /// Specifies the source to select. It can be one of three types: `FieldRef`, `ServiceRef`, `HeadlessServiceRef`. - #[serde(rename = "type")] - pub r#type: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsConfigSpecs { - /// Specifies the containers to inject the ConfigMap parameters as environment variables. - /// - /// - /// This is useful when application images accept parameters through environment variables and - /// generate the final configuration file in the startup script based on these variables. - /// - /// - /// This field allows users to specify a list of container names, and KubeBlocks will inject the environment - /// variables converted from the ConfigMap into these designated containers. This provides a flexible way to - /// pass the configuration items from the ConfigMap to the container without modifying the image. - /// - /// - /// Deprecated: `asEnvFrom` has been deprecated since 0.9.0 and will be removed in 0.10.0. - /// Use `injectEnvTo` instead. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "asEnvFrom")] - pub as_env_from: Option>, - /// Specifies the name of the referenced configuration constraints object. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "constraintRef")] - pub constraint_ref: Option, - /// The operator attempts to set default file permissions for scripts (0555) and configurations (0444). - /// However, certain database engines may require different file permissions. - /// You can specify the desired file permissions here. - /// - /// - /// Must be specified as an octal value between 0000 and 0777 (inclusive), - /// or as a decimal value between 0 and 511 (inclusive). - /// YAML supports both octal and decimal values for file permissions. - /// - /// - /// Please note that this setting only affects the permissions of the files themselves. - /// Directories within the specified path are not impacted by this setting. - /// It's important to be aware that this setting might conflict with other options - /// that influence the file mode, such as fsGroup. - /// In such cases, the resulting file mode may have additional bits set. - /// Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// Specifies the containers to inject the ConfigMap parameters as environment variables. - /// - /// - /// This is useful when application images accept parameters through environment variables and - /// generate the final configuration file in the startup script based on these variables. - /// - /// - /// This field allows users to specify a list of container names, and KubeBlocks will inject the environment - /// variables converted from the ConfigMap into these designated containers. This provides a flexible way to - /// pass the configuration items from the ConfigMap to the container without modifying the image. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "injectEnvTo")] - pub inject_env_to: Option>, - /// Specifies the configuration files within the ConfigMap that support dynamic updates. - /// - /// - /// A configuration template (provided in the form of a ConfigMap) may contain templates for multiple - /// configuration files. - /// Each configuration file corresponds to a key in the ConfigMap. - /// Some of these configuration files may support dynamic modification and reloading without requiring - /// a pod restart. - /// - /// - /// If empty or omitted, all configuration files in the ConfigMap are assumed to support dynamic updates, - /// and ConfigConstraint applies to all keys. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub keys: Option>, - /// Specifies the secondary rendered config spec for pod-specific customization. - /// - /// - /// The template is rendered inside the pod (by the "config-manager" sidecar container) and merged with the main - /// template's render result to generate the final configuration file. - /// - /// - /// This field is intended to handle scenarios where different pods within the same Component have - /// varying configurations. It allows for pod-specific customization of the configuration. - /// - /// - /// Note: This field will be deprecated in future versions, and the functionality will be moved to - /// `cluster.spec.componentSpecs[*].instances[*]`. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "legacyRenderedConfigSpec")] - pub legacy_rendered_config_spec: Option, - /// Specifies the name of the configuration template. - pub name: String, - /// Specifies the namespace of the referenced configuration template ConfigMap object. - /// An empty namespace is equivalent to the "default" namespace. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, - /// Specifies whether the configuration needs to be re-rendered after v-scale or h-scale operations to reflect changes. - /// - /// - /// In some scenarios, the configuration may need to be updated to reflect the changes in resource allocation - /// or cluster topology. Examples: - /// - /// - /// - Redis: adjust maxmemory after v-scale operation. - /// - MySQL: increase max connections after v-scale operation. - /// - Zookeeper: update zoo.cfg with new node addresses after h-scale operation. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "reRenderResourceTypes")] - pub re_render_resource_types: Option>, - /// Specifies the name of the referenced configuration template ConfigMap object. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateRef")] - pub template_ref: Option, - /// Refers to the volume name of PodTemplate. The configuration file produced through the configuration - /// template will be mounted to the corresponding volume. Must be a DNS_LABEL name. - /// The volume name must be defined in podSpec.containers[*].volumeMounts. - #[serde(rename = "volumeName")] - pub volume_name: String, -} - -/// Specifies the secondary rendered config spec for pod-specific customization. -/// -/// -/// The template is rendered inside the pod (by the "config-manager" sidecar container) and merged with the main -/// template's render result to generate the final configuration file. -/// -/// -/// This field is intended to handle scenarios where different pods within the same Component have -/// varying configurations. It allows for pod-specific customization of the configuration. -/// -/// -/// Note: This field will be deprecated in future versions, and the functionality will be moved to -/// `cluster.spec.componentSpecs[*].instances[*]`. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsConfigSpecsLegacyRenderedConfigSpec { - /// Specifies the namespace of the referenced configuration template ConfigMap object. - /// An empty namespace is equivalent to the "default" namespace. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, - /// Defines the strategy for merging externally imported templates into component templates. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub policy: Option, - /// Specifies the name of the referenced configuration template ConfigMap object. - #[serde(rename = "templateRef")] - pub template_ref: String, -} - -/// Specifies the secondary rendered config spec for pod-specific customization. -/// -/// -/// The template is rendered inside the pod (by the "config-manager" sidecar container) and merged with the main -/// template's render result to generate the final configuration file. -/// -/// -/// This field is intended to handle scenarios where different pods within the same Component have -/// varying configurations. It allows for pod-specific customization of the configuration. -/// -/// -/// Note: This field will be deprecated in future versions, and the functionality will be moved to -/// `cluster.spec.componentSpecs[*].instances[*]`. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsConfigSpecsLegacyRenderedConfigSpecPolicy { - #[serde(rename = "patch")] - Patch, - #[serde(rename = "replace")] - Replace, - #[serde(rename = "none")] - None, -} - -/// Defines spec for `Consensus` workloads. It's required if the workload type is `Consensus`. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ClusterDefinitionComponentDefsConsensusSpec { - /// Members of the consensus set that have voting rights but are not the leader. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub followers: Option>, - /// Represents a single leader in the consensus set. - pub leader: ClusterDefinitionComponentDefsConsensusSpecLeader, - /// Represents a member of the consensus set that does not have voting rights. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub learner: Option, - /// Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down. - /// - /// - /// - `OrderedReady`: Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod - /// is ready before continuing. Pods are removed in reverse order when scaling down. - /// - `Parallel`: Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once - /// when scaling down. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "llPodManagementPolicy")] - pub ll_pod_management_policy: Option, - /// Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a - /// revision to the Template. - /// `UpdateStrategy` will be ignored if this is provided. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "llUpdateStrategy")] - pub ll_update_strategy: Option, - /// Specifies the strategy for updating Pods. - /// For workloadType=`Consensus`, the update strategy can be one of the following: - /// - /// - /// - `Serial`: Updates Members sequentially to minimize component downtime. - /// - `BestEffortParallel`: Updates Members in parallel to minimize component write downtime. Majority remains online - /// at all times. - /// - `Parallel`: Forces parallel updates. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStrategy")] - pub update_strategy: Option, -} - -/// ConsensusMember is deprecated since v0.7. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ClusterDefinitionComponentDefsConsensusSpecFollowers { - /// Specifies the services that this member is capable of providing. - #[serde(rename = "accessMode")] - pub access_mode: ClusterDefinitionComponentDefsConsensusSpecFollowersAccessMode, - /// Specifies the name of the consensus member. - pub name: String, - /// Indicates the number of Pods that perform this role. - /// The default is 1 for `Leader`, 0 for `Learner`, others for `Followers`. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub replicas: Option, -} - -/// ConsensusMember is deprecated since v0.7. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsConsensusSpecFollowersAccessMode { - None, - Readonly, - ReadWrite, -} - -/// Represents a single leader in the consensus set. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ClusterDefinitionComponentDefsConsensusSpecLeader { - /// Specifies the services that this member is capable of providing. - #[serde(rename = "accessMode")] - pub access_mode: ClusterDefinitionComponentDefsConsensusSpecLeaderAccessMode, - /// Specifies the name of the consensus member. - pub name: String, - /// Indicates the number of Pods that perform this role. - /// The default is 1 for `Leader`, 0 for `Learner`, others for `Followers`. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub replicas: Option, -} - -/// Represents a single leader in the consensus set. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsConsensusSpecLeaderAccessMode { - None, - Readonly, - ReadWrite, -} - -/// Represents a member of the consensus set that does not have voting rights. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ClusterDefinitionComponentDefsConsensusSpecLearner { - /// Specifies the services that this member is capable of providing. - #[serde(rename = "accessMode")] - pub access_mode: ClusterDefinitionComponentDefsConsensusSpecLearnerAccessMode, - /// Specifies the name of the consensus member. - pub name: String, - /// Indicates the number of Pods that perform this role. - /// The default is 1 for `Leader`, 0 for `Learner`, others for `Followers`. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub replicas: Option, -} - -/// Represents a member of the consensus set that does not have voting rights. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsConsensusSpecLearnerAccessMode { - None, - Readonly, - ReadWrite, -} - -/// Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a -/// revision to the Template. -/// `UpdateStrategy` will be ignored if this is provided. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsConsensusSpecLlUpdateStrategy { - /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] - pub rolling_update: Option, - /// Type indicates the type of the StatefulSetUpdateStrategy. - /// Default is RollingUpdate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsConsensusSpecLlUpdateStrategyRollingUpdate { - /// The maximum number of pods that can be unavailable during the update. - /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - /// Absolute number is calculated from percentage by rounding up. This can not be 0. - /// Defaults to 1. This field is alpha-level and is only honored by servers that enable the - /// MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to - /// Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it - /// will be counted towards MaxUnavailable. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] - pub max_unavailable: Option, - /// Partition indicates the ordinal at which the StatefulSet should be partitioned - /// for updates. During a rolling update, all pods from ordinal Replicas-1 to - /// Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. - /// This is helpful in being able to do a canary based deployment. The default value is 0. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, -} - -/// Defines spec for `Consensus` workloads. It's required if the workload type is `Consensus`. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsConsensusSpecUpdateStrategy { - Serial, - BestEffortParallel, - Parallel, -} - -/// Defines the behavior of horizontal scale. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsHorizontalScalePolicy { - /// Refers to the backup policy template. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "backupPolicyTemplateName")] - pub backup_policy_template_name: Option, - /// Determines the data synchronization method when a component scales out. - /// The policy can be one of the following: {None, CloneVolume}. The default policy is `None`. - /// - /// - /// - `None`: This is the default policy. It creates an empty volume without data cloning. - /// - `CloneVolume`: This policy clones data to newly scaled pods. It first tries to use a volume snapshot. - /// If volume snapshot is not enabled, it will attempt to use a backup tool. If neither method works, it will report an error. - /// - `Snapshot`: This policy is deprecated and is an alias for CloneVolume. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, - /// Specifies the volumeMount of the container to backup. - /// This only works if Type is not None. If not specified, the first volumeMount will be selected. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMountsName")] - pub volume_mounts_name: Option, -} - -/// Defines the behavior of horizontal scale. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsHorizontalScalePolicyType { - None, - CloneVolume, - Snapshot, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsLogConfigs { - /// Specifies the paths or patterns identifying where the log files are stored. - /// This field allows the system to locate and manage log files effectively. - /// - /// - /// Examples: - /// - /// - /// - /home/postgres/pgdata/pgroot/data/log/postgresql-* - /// - /data/mysql/log/mysqld-error.log - #[serde(rename = "filePathPattern")] - pub file_path_pattern: String, - /// Specifies a descriptive label for the log type, such as 'slow' for a MySQL slow log file. - /// It provides a clear identification of the log's purpose and content. - pub name: String, -} - -/// Defines the pod spec template of component. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpec { - /// Optional duration in seconds the pod may be active on the node relative to - /// StartTime before the system will actively try to mark it failed and kill associated containers. - /// Value must be a positive integer. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "activeDeadlineSeconds")] - pub active_deadline_seconds: Option, - /// If specified, the pod's scheduling constraints - #[serde(default, skip_serializing_if = "Option::is_none")] - pub affinity: Option, - /// AutomountServiceAccountToken indicates whether a service account token should be automatically mounted. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "automountServiceAccountToken")] - pub automount_service_account_token: Option, - /// List of containers belonging to the pod. - /// Containers cannot currently be added or removed. - /// There must be at least one container in a Pod. - /// Cannot be updated. - pub containers: Vec, - /// Specifies the DNS parameters of a pod. - /// Parameters specified here will be merged to the generated DNS - /// configuration based on DNSPolicy. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsConfig")] - pub dns_config: Option, - /// Set DNS policy for the pod. - /// Defaults to "ClusterFirst". - /// Valid values are 'ClusterFirstWithHostNet', 'ClusterFirst', 'Default' or 'None'. - /// DNS parameters given in DNSConfig will be merged with the policy selected with DNSPolicy. - /// To have DNS options set along with hostNetwork, you have to specify DNS policy - /// explicitly to 'ClusterFirstWithHostNet'. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dnsPolicy")] - pub dns_policy: Option, - /// EnableServiceLinks indicates whether information about services should be injected into pod's - /// environment variables, matching the syntax of Docker links. - /// Optional: Defaults to true. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "enableServiceLinks")] - pub enable_service_links: Option, - /// List of ephemeral containers run in this pod. Ephemeral containers may be run in an existing - /// pod to perform user-initiated actions such as debugging. This list cannot be specified when - /// creating a pod, and it cannot be modified by updating the pod spec. In order to add an - /// ephemeral container to an existing pod, use the pod's ephemeralcontainers subresource. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "ephemeralContainers")] - pub ephemeral_containers: Option>, - /// HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts - /// file if specified. This is only valid for non-hostNetwork pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostAliases")] - pub host_aliases: Option>, - /// Use the host's ipc namespace. - /// Optional: Default to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIPC")] - pub host_ipc: Option, - /// Host networking requested for this pod. Use the host's network namespace. - /// If this option is set, the ports that will be used must be specified. - /// Default to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostNetwork")] - pub host_network: Option, - /// Use the host's pid namespace. - /// Optional: Default to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPID")] - pub host_pid: Option, - /// Use the host's user namespace. - /// Optional: Default to true. - /// If set to true or not present, the pod will be run in the host user namespace, useful - /// for when the pod needs a feature only available to the host user namespace, such as - /// loading a kernel module with CAP_SYS_MODULE. - /// When set to false, a new userns is created for the pod. Setting false is useful for - /// mitigating container breakout vulnerabilities even allowing users to run their - /// containers as root without actually having root privileges on the host. - /// This field is alpha-level and is only honored by servers that enable the UserNamespacesSupport feature. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostUsers")] - pub host_users: Option, - /// Specifies the hostname of the Pod - /// If not specified, the pod's hostname will be set to a system-defined value. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub hostname: Option, - /// ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. - /// If specified, these secrets will be passed to individual puller implementations for them to use. - /// More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] - pub image_pull_secrets: Option>, - /// List of initialization containers belonging to the pod. - /// Init containers are executed in order prior to containers being started. If any - /// init container fails, the pod is considered to have failed and is handled according - /// to its restartPolicy. The name for an init container or normal container must be - /// unique among all containers. - /// Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. - /// The resourceRequirements of an init container are taken into account during scheduling - /// by finding the highest request/limit for each resource type, and then using the max of - /// of that value or the sum of the normal containers. Limits are applied to init containers - /// in a similar fashion. - /// Init containers cannot currently be added or removed. - /// Cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initContainers")] - pub init_containers: Option>, - /// NodeName is a request to schedule this pod onto a specific node. If it is non-empty, - /// the scheduler simply schedules this pod onto that node, assuming that it fits resource - /// requirements. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeName")] - pub node_name: Option, - /// NodeSelector is a selector which must be true for the pod to fit on a node. - /// Selector which must match a node's labels for the pod to be scheduled on that node. - /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] - pub node_selector: Option>, - /// Specifies the OS of the containers in the pod. - /// Some pod and container fields are restricted if this is set. - /// - /// - /// If the OS field is set to linux, the following fields must be unset: - /// -securityContext.windowsOptions - /// - /// - /// If the OS field is set to windows, following fields must be unset: - /// - spec.hostPID - /// - spec.hostIPC - /// - spec.hostUsers - /// - spec.securityContext.seLinuxOptions - /// - spec.securityContext.seccompProfile - /// - spec.securityContext.fsGroup - /// - spec.securityContext.fsGroupChangePolicy - /// - spec.securityContext.sysctls - /// - spec.shareProcessNamespace - /// - spec.securityContext.runAsUser - /// - spec.securityContext.runAsGroup - /// - spec.securityContext.supplementalGroups - /// - spec.containers[*].securityContext.seLinuxOptions - /// - spec.containers[*].securityContext.seccompProfile - /// - spec.containers[*].securityContext.capabilities - /// - spec.containers[*].securityContext.readOnlyRootFilesystem - /// - spec.containers[*].securityContext.privileged - /// - spec.containers[*].securityContext.allowPrivilegeEscalation - /// - spec.containers[*].securityContext.procMount - /// - spec.containers[*].securityContext.runAsUser - /// - spec.containers[*].securityContext.runAsGroup - #[serde(default, skip_serializing_if = "Option::is_none")] - pub os: Option, - /// Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. - /// This field will be autopopulated at admission time by the RuntimeClass admission controller. If - /// the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. - /// The RuntimeClass admission controller will reject Pod create requests which have the overhead already - /// set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value - /// defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. - /// More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub overhead: Option>, - /// PreemptionPolicy is the Policy for preempting pods with lower priority. - /// One of Never, PreemptLowerPriority. - /// Defaults to PreemptLowerPriority if unset. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preemptionPolicy")] - pub preemption_policy: Option, - /// The priority value. Various system components use this field to find the - /// priority of the pod. When Priority Admission Controller is enabled, it - /// prevents users from setting this field. The admission controller populates - /// this field from PriorityClassName. - /// The higher the value, the higher the priority. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub priority: Option, - /// If specified, indicates the pod's priority. "system-node-critical" and - /// "system-cluster-critical" are two special keywords which indicate the - /// highest priorities with the former being the highest priority. Any other - /// name must be defined by creating a PriorityClass object with that name. - /// If not specified, the pod priority will be default or zero if there is no - /// default. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] - pub priority_class_name: Option, - /// If specified, all readiness gates will be evaluated for pod readiness. - /// A pod is ready when all its containers are ready AND - /// all conditions specified in the readiness gates have status equal to "True" - /// More info: https://git.k8s.io/enhancements/keps/sig-network/580-pod-readiness-gates - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessGates")] - pub readiness_gates: Option>, - /// ResourceClaims defines which ResourceClaims must be allocated - /// and reserved before the Pod is allowed to start. The resources - /// will be made available to those containers which consume them - /// by name. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaims")] - pub resource_claims: Option>, - /// Restart policy for all containers within the pod. - /// One of Always, OnFailure, Never. In some contexts, only a subset of those values may be permitted. - /// Default to Always. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#restart-policy - #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] - pub restart_policy: Option, - /// RuntimeClassName refers to a RuntimeClass object in the node.k8s.io group, which should be used - /// to run this pod. If no RuntimeClass resource matches the named class, the pod will not be run. - /// If unset or empty, the "legacy" RuntimeClass will be used, which is an implicit class with an - /// empty definition that uses the default runtime handler. - /// More info: https://git.k8s.io/enhancements/keps/sig-node/585-runtime-class - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runtimeClassName")] - pub runtime_class_name: Option, - /// If specified, the pod will be dispatched by specified scheduler. - /// If not specified, the pod will be dispatched by default scheduler. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] - pub scheduler_name: Option, - /// SchedulingGates is an opaque list of values that if specified will block scheduling the pod. - /// If schedulingGates is not empty, the pod will stay in the SchedulingGated state and the - /// scheduler will not attempt to schedule the pod. - /// - /// - /// SchedulingGates can only be set at pod creation time, and be removed only afterwards. - /// - /// - /// This is a beta feature enabled by the PodSchedulingReadiness feature gate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingGates")] - pub scheduling_gates: Option>, - /// SecurityContext holds pod-level security attributes and common container settings. - /// Optional: Defaults to empty. See type description for default values of each field. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] - pub security_context: Option, - /// DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. - /// Deprecated: Use serviceAccountName instead. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] - pub service_account: Option, - /// ServiceAccountName is the name of the ServiceAccount to use to run this pod. - /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/ - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] - pub service_account_name: Option, - /// If true the pod's hostname will be configured as the pod's FQDN, rather than the leaf name (the default). - /// In Linux containers, this means setting the FQDN in the hostname field of the kernel (the nodename field of struct utsname). - /// In Windows containers, this means setting the registry value of hostname for the registry key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters to FQDN. - /// If a pod does not have FQDN, this has no effect. - /// Default to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "setHostnameAsFQDN")] - pub set_hostname_as_fqdn: Option, - /// Share a single process namespace between all of the containers in a pod. - /// When this is set containers will be able to view and signal processes from other containers - /// in the same pod, and the first process in each container will not be assigned PID 1. - /// HostPID and ShareProcessNamespace cannot both be set. - /// Optional: Default to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "shareProcessNamespace")] - pub share_process_namespace: Option, - /// If specified, the fully qualified Pod hostname will be "...svc.". - /// If not specified, the pod will not have a domainname at all. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub subdomain: Option, - /// Optional duration in seconds the pod needs to terminate gracefully. May be decreased in delete request. - /// Value must be non-negative integer. The value zero indicates stop immediately via - /// the kill signal (no opportunity to shut down). - /// If this value is nil, the default grace period will be used instead. - /// The grace period is the duration in seconds after the processes running in the pod are sent - /// a termination signal and the time when the processes are forcibly halted with a kill signal. - /// Set this value longer than the expected cleanup time for your process. - /// Defaults to 30 seconds. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - /// If specified, the pod's tolerations. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tolerations: Option>, - /// TopologySpreadConstraints describes how a group of pods ought to spread across topology - /// domains. Scheduler will schedule pods in a way which abides by the constraints. - /// All topologySpreadConstraints are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "topologySpreadConstraints")] - pub topology_spread_constraints: Option>, - /// List of volumes that can be mounted by containers belonging to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes - #[serde(default, skip_serializing_if = "Option::is_none")] - pub volumes: Option>, -} - -/// If specified, the pod's scheduling constraints -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinity { - /// Describes node affinity scheduling rules for the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] - pub node_affinity: Option, - /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] - pub pod_affinity: Option, - /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] - pub pod_anti_affinity: Option, -} - -/// Describes node affinity scheduling rules for the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityNodeAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy - /// the affinity expressions specified by this field, but it may choose - /// a node that violates one or more of the expressions. The node that is - /// most preferred is the one with the greatest sum of weights, i.e. - /// for each node that meets all of the scheduling requirements (resource - /// request, requiredDuringScheduling affinity expressions, etc.), - /// compute a sum by iterating through the elements of this field and adding - /// "weight" to the sum if the node matches the corresponding matchExpressions; the - /// node(s) with the highest sum are the most preferred. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at - /// scheduling time, the pod will not be scheduled onto the node. - /// If the affinity requirements specified by this field cease to be met - /// at some point during pod execution (e.g. due to an update), the system - /// may or may not try to eventually evict the pod from its node. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option, -} - -/// An empty preferred scheduling term matches all objects with implicit weight 0 -/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// A node selector term, associated with the corresponding weight. - pub preference: ClusterDefinitionComponentDefsPodSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, - /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. - pub weight: i32, -} - -/// A node selector term, associated with the corresponding weight. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { - /// A list of node selector requirements by node's labels. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// A list of node selector requirements by node's fields. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] - pub match_fields: Option>, -} - -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// If the affinity requirements specified by this field are not met at -/// scheduling time, the pod will not be scheduled onto the node. -/// If the affinity requirements specified by this field cease to be met -/// at some point during pod execution (e.g. due to an update), the system -/// may or may not try to eventually evict the pod from its node. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// Required. A list of node selector terms. The terms are ORed. - #[serde(rename = "nodeSelectorTerms")] - pub node_selector_terms: Vec, -} - -/// A null or empty node selector term matches no objects. The requirements of -/// them are ANDed. -/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { - /// A list of node selector requirements by node's labels. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// A list of node selector requirements by node's fields. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] - pub match_fields: Option>, -} - -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A node selector requirement is a selector that contains values, a key, and an operator -/// that relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { - /// The label key that the selector applies to. - pub key: String, - /// Represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. - pub operator: String, - /// An array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. If the operator is Gt or Lt, the values - /// array must have a single element, which will be interpreted as an integer. - /// This array is replaced during a strategic merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy - /// the affinity expressions specified by this field, but it may choose - /// a node that violates one or more of the expressions. The node that is - /// most preferred is the one with the greatest sum of weights, i.e. - /// for each node that meets all of the scheduling requirements (resource - /// request, requiredDuringScheduling affinity expressions, etc.), - /// compute a sum by iterating through the elements of this field and adding - /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - /// node(s) with the highest sum are the most preferred. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the affinity requirements specified by this field are not met at - /// scheduling time, the pod will not be scheduled onto the node. - /// If the affinity requirements specified by this field cease to be met - /// at some point during pod execution (e.g. due to a pod label update), the - /// system may or may not try to eventually evict the pod from its node. - /// When there are multiple elements, the lists of nodes corresponding to each - /// podAffinityTerm are intersected, i.e. all terms must be satisfied. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option>, -} - -/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// Required. A pod affinity term, associated with the corresponding weight. - #[serde(rename = "podAffinityTerm")] - pub pod_affinity_term: ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, - /// in the range 1-100. - pub weight: i32, -} - -/// Required. A pod affinity term, associated with the corresponding weight. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -/// A label query over a set of resources, in this case pods. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Defines a set of pods (namely those matching the labelSelector -/// relative to the given namespace(s)) that this pod should be -/// co-located (affinity) or not co-located (anti-affinity) with, -/// where co-located is defined as running on a node whose value of -/// the label with key matches that of any node on which -/// a pod of the set of pods is running -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -/// A label query over a set of resources, in this case pods. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinity { - /// The scheduler will prefer to schedule pods to nodes that satisfy - /// the anti-affinity expressions specified by this field, but it may choose - /// a node that violates one or more of the expressions. The node that is - /// most preferred is the one with the greatest sum of weights, i.e. - /// for each node that meets all of the scheduling requirements (resource - /// request, requiredDuringScheduling anti-affinity expressions, etc.), - /// compute a sum by iterating through the elements of this field and adding - /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the - /// node(s) with the highest sum are the most preferred. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] - pub preferred_during_scheduling_ignored_during_execution: Option>, - /// If the anti-affinity requirements specified by this field are not met at - /// scheduling time, the pod will not be scheduled onto the node. - /// If the anti-affinity requirements specified by this field cease to be met - /// at some point during pod execution (e.g. due to a pod label update), the - /// system may or may not try to eventually evict the pod from its node. - /// When there are multiple elements, the lists of nodes corresponding to each - /// podAffinityTerm are intersected, i.e. all terms must be satisfied. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] - pub required_during_scheduling_ignored_during_execution: Option>, -} - -/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { - /// Required. A pod affinity term, associated with the corresponding weight. - #[serde(rename = "podAffinityTerm")] - pub pod_affinity_term: ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, - /// weight associated with matching the corresponding podAffinityTerm, - /// in the range 1-100. - pub weight: i32, -} - -/// Required. A pod affinity term, associated with the corresponding weight. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { - /// A label query over a set of resources, in this case pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -/// A label query over a set of resources, in this case pods. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Defines a set of pods (namely those matching the labelSelector -/// relative to the given namespace(s)) that this pod should be -/// co-located (affinity) or not co-located (anti-affinity) with, -/// where co-located is defined as running on a node whose value of -/// the label with key matches that of any node on which -/// a pod of the set of pods is running -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { - /// A label query over a set of resources, in this case pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// A label query over the set of namespaces that the term applies to. - /// The term is applied to the union of the namespaces selected by this field - /// and the ones listed in the namespaces field. - /// null selector and null or empty namespaces list means "this pod's namespace". - /// An empty selector ({}) matches all namespaces. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] - pub namespace_selector: Option, - /// namespaces specifies a static list of namespace names that the term applies to. - /// The term is applied to the union of the namespaces listed in this field - /// and the ones selected by namespaceSelector. - /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespaces: Option>, - /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching - /// the labelSelector in the specified namespaces, where co-located is defined as running on a node - /// whose value of the label with key topologyKey matches that of any node on which any of the - /// selected pods is running. - /// Empty topologyKey is not allowed. - #[serde(rename = "topologyKey")] - pub topology_key: String, -} - -/// A label query over a set of resources, in this case pods. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A label query over the set of namespaces that the term applies to. -/// The term is applied to the union of the namespaces selected by this field -/// and the ones listed in the namespaces field. -/// null selector and null or empty namespaces list means "this pod's namespace". -/// An empty selector ({}) matches all namespaces. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// A single application container that you want to run within a pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainers { - /// Arguments to the entrypoint. - /// The container image's CMD is used if this is not provided. - /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - /// of whether the variable exists or not. Cannot be updated. - /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Entrypoint array. Not executed within a shell. - /// The container image's ENTRYPOINT is used if this is not provided. - /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - /// of whether the variable exists or not. Cannot be updated. - /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, - /// List of environment variables to set in the container. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// List of sources to populate environment variables in the container. - /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys - /// will be reported as an event when the container is starting. When a key exists in multiple - /// sources, the value associated with the last source will take precedence. - /// Values defined by an Env with a duplicate key will take precedence. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] - pub env_from: Option>, - /// Container image name. - /// More info: https://kubernetes.io/docs/concepts/containers/images - /// This field is optional to allow higher level config management to default or override - /// container images in workload controllers like Deployments and StatefulSets. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Image pull policy. - /// One of Always, Never, IfNotPresent. - /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. - /// Cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] - pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lifecycle: Option, - /// Periodic probe of container liveness. - /// Container will be restarted if the probe fails. - /// Cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] - pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. - /// Each container in a pod must have a unique name (DNS_LABEL). - /// Cannot be updated. - pub name: String, - /// List of ports to expose from the container. Not specifying a port here - /// DOES NOT prevent that port from being exposed. Any port which is - /// listening on the default "0.0.0.0" address inside a container will be - /// accessible from the network. - /// Modifying this array with strategic merge patch may corrupt the data. - /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ports: Option>, - /// Periodic probe of container service readiness. - /// Container will be removed from service endpoints if the probe fails. - /// Cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] - pub readiness_probe: Option, - /// Resources resize policy for the container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] - pub resize_policy: Option>, - /// Compute Resources required by this container. - /// Cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. - /// This field may only be set for init containers, and the only allowed value is "Always". - /// For non-init containers or when this field is not specified, - /// the restart behavior is defined by the Pod's restart policy and the container type. - /// Setting the RestartPolicy as "Always" for the init container will have the following effect: - /// this init container will be continually restarted on - /// exit until all regular containers have terminated. Once all regular - /// containers have completed, all init containers with restartPolicy "Always" - /// will be shut down. This lifecycle differs from normal init containers and - /// is often referred to as a "sidecar" container. Although this init - /// container still starts in the init container sequence, it does not wait - /// for the container to complete before proceeding to the next init - /// container. Instead, the next init container starts immediately after this - /// init container is started, or after any startupProbe has successfully - /// completed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] - pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. - /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. - /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] - pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. - /// If specified, no other probes are executed until this completes successfully. - /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. - /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, - /// when it might take a long time to load data or warm a cache, than during steady-state operation. - /// This cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] - pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this - /// is not set, reads from stdin in the container will always result in EOF. - /// Default is false. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by - /// a single attach. When stdin is true the stdin stream will remain open across multiple attach - /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the - /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, - /// at which time stdin is closed and remains closed until the container is restarted. If this - /// flag is false, a container processes that reads from stdin will never receive an EOF. - /// Default is false - #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] - pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message - /// will be written is mounted into the container's filesystem. - /// Message written is intended to be brief final status, such as an assertion failure message. - /// Will be truncated by the node if greater than 4096 bytes. The total message length across - /// all containers will be limited to 12kb. - /// Defaults to /dev/termination-log. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] - pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of - /// terminationMessagePath to populate the container status message on both success and failure. - /// FallbackToLogsOnError will use the last chunk of container log output if the termination - /// message file is empty and the container exited with an error. - /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. - /// Defaults to File. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] - pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. - /// Default is false. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tty: Option, - /// volumeDevices is the list of block devices to be used by the container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] - pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] - pub volume_mounts: Option>, - /// Container's working directory. - /// If not specified, the container runtime's default will be used, which - /// might be configured in the container image. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] - pub working_dir: Option, -} - -/// EnvVar represents an environment variable present in a Container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// Selects a key of a secret in the pod's namespace -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// EnvFromSource represents the source of a set of ConfigMaps -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersEnvFrom { - /// The ConfigMap to select from - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] - pub config_map_ref: Option, - /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub prefix: Option, - /// The Secret to select from - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -/// The ConfigMap to select from -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersEnvFromConfigMapRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// The Secret to select from -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersEnvFromSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Actions that the management system should take in response to container lifecycle events. -/// Cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, - /// the container is terminated and restarted according to its restart policy. - /// Other management of the container blocks until the hook completes. - /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks - #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] - pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an - /// API request or management event such as liveness/startup probe failure, - /// preemption, resource contention, etc. The handler is not called if the - /// container crashes or exits. The Pod's termination grace period countdown begins before the - /// PreStop hook is executed. Regardless of the outcome of the handler, the - /// container will eventually terminate within the Pod's termination grace - /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes - /// or until the termination grace period is reached. - /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] - pub pre_stop: Option, -} - -/// PostStart is called immediately after a container is created. If the handler fails, -/// the container is terminated and restarted according to its restart policy. -/// Other management of the container blocks until the hook completes. -/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLifecyclePostStart { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLifecyclePostStartTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// PreStop is called immediately before a container is terminated due to an -/// API request or management event such as liveness/startup probe failure, -/// preemption, resource contention, etc. The handler is not called if the -/// container crashes or exits. The Pod's termination grace period countdown begins before the -/// PreStop hook is executed. Regardless of the outcome of the handler, the -/// container will eventually terminate within the Pod's termination grace -/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes -/// or until the termination grace period is reached. -/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLifecyclePreStop { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLifecyclePreStopTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// Periodic probe of container liveness. -/// Container will be restarted if the probe fails. -/// Cannot be updated. -/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLivenessProbe { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - /// Defaults to 3. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. - /// Default to 10 seconds. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. - /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - /// The grace period is the duration in seconds after the processes running in the pod are sent - /// a termination signal and the time when the processes are forcibly halted with a kill signal. - /// Set this value longer than the expected cleanup time for your process. - /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - /// value overrides the value provided by the pod spec. - /// Value must be non-negative integer. The value zero indicates stop immediately via - /// the kill signal (no opportunity to shut down). - /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. - /// Defaults to 1 second. Minimum value is 1. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// GRPC specifies an action involving a GRPC port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLivenessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. - pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest - /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// - /// - /// If this is not specified, the default behavior is defined by gRPC. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// TCPSocket specifies an action involving a TCP port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersLivenessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// ContainerPort represents a network port in a single container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersPorts { - /// Number of port to expose on the pod's IP address. - /// This must be a valid port number, 0 < x < 65536. - #[serde(rename = "containerPort")] - pub container_port: i32, - /// What host IP to bind the external port to. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] - pub host_ip: Option, - /// Number of port to expose on the host. - /// If specified, this must be a valid port number, 0 < x < 65536. - /// If HostNetwork is specified, this must match ContainerPort. - /// Most containers do not need this. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] - pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each - /// named port in a pod must have a unique name. Name for the port that can be - /// referred to by services. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. - /// Defaults to "TCP". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub protocol: Option, -} - -/// Periodic probe of container service readiness. -/// Container will be removed from service endpoints if the probe fails. -/// Cannot be updated. -/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersReadinessProbe { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - /// Defaults to 3. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. - /// Default to 10 seconds. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. - /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - /// The grace period is the duration in seconds after the processes running in the pod are sent - /// a termination signal and the time when the processes are forcibly halted with a kill signal. - /// Set this value longer than the expected cleanup time for your process. - /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - /// value overrides the value provided by the pod spec. - /// Value must be non-negative integer. The value zero indicates stop immediately via - /// the kill signal (no opportunity to shut down). - /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. - /// Defaults to 1 second. Minimum value is 1. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// GRPC specifies an action involving a GRPC port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersReadinessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. - pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest - /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// - /// - /// If this is not specified, the default behavior is defined by gRPC. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// TCPSocket specifies an action involving a TCP port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersReadinessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// ContainerResizePolicy represents resource resize policy for the container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. - /// Supported values: cpu, memory. - #[serde(rename = "resourceName")] - pub resource_name: String, - /// Restart policy to apply when specified resource is resized. - /// If not specified, it defaults to NotRequired. - #[serde(rename = "restartPolicy")] - pub restart_policy: String, -} - -/// Compute Resources required by this container. -/// Cannot be updated. -/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - -/// SecurityContext defines the security options the container should be run with. -/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. -/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more - /// privileges than its parent process. This bool directly controls if - /// the no_new_privs flag will be set on the container process. - /// AllowPrivilegeEscalation is true always when the container is: - /// 1) run as Privileged - /// 2) has CAP_SYS_ADMIN - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] - pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. - /// Defaults to the default set of capabilities granted by the container runtime. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub capabilities: Option, - /// Run container in privileged mode. - /// Processes in privileged containers are essentially equivalent to root on the host. - /// Defaults to false. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for - /// readonly paths and masked paths. - /// This requires the ProcMountType feature flag to be enabled. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] - pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. - /// Default is false. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] - pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. - /// Uses runtime default if unset. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] - pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. - /// If true, the Kubelet will validate the image at runtime to ensure that it - /// does not run as UID 0 (root) and fail to start the container if it does. - /// If unset or false, no such validation will be performed. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] - pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. - /// Defaults to user specified in image metadata if unspecified. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] - pub run_as_user: Option, - /// The SELinux context to be applied to the container. - /// If unspecified, the container runtime will allocate a random SELinux context for each - /// container. May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] - pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are - /// provided at both the pod & container level, the container options - /// override the pod options. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] - pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. - /// If unspecified, the options from the PodSecurityContext will be used. - /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is linux. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] - pub windows_options: Option, -} - -/// The capabilities to add/drop when running containers. -/// Defaults to the default set of capabilities granted by the container runtime. -/// Note that this field cannot be set when spec.os.name is windows. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersSecurityContextCapabilities { - /// Added capabilities - #[serde(default, skip_serializing_if = "Option::is_none")] - pub add: Option>, - /// Removed capabilities - #[serde(default, skip_serializing_if = "Option::is_none")] - pub drop: Option>, -} - -/// The SELinux context to be applied to the container. -/// If unspecified, the container runtime will allocate a random SELinux context for each -/// container. May also be set in PodSecurityContext. If set in both SecurityContext and -/// PodSecurityContext, the value specified in SecurityContext takes precedence. -/// Note that this field cannot be set when spec.os.name is windows. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersSecurityContextSeLinuxOptions { - /// Level is SELinux level label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub level: Option, - /// Role is a SELinux role label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub role: Option, - /// Type is a SELinux type label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, - /// User is a SELinux user label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// The seccomp options to use by this container. If seccomp options are -/// provided at both the pod & container level, the container options -/// override the pod options. -/// Note that this field cannot be set when spec.os.name is windows. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. - /// The profile must be preconfigured on the node to work. - /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must be set if type is "Localhost". Must NOT be set for any other type. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. - /// Valid options are: - /// - /// - /// Localhost - a profile defined in a file on the node should be used. - /// RuntimeDefault - the container runtime default profile should be used. - /// Unconfined - no profile should be applied. - #[serde(rename = "type")] - pub r#type: String, -} - -/// The Windows specific settings applied to all containers. -/// If unspecified, the options from the PodSecurityContext will be used. -/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -/// Note that this field cannot be set when spec.os.name is linux. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook - /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - /// GMSA credential spec named by the GMSACredentialSpecName field. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] - pub gmsa_credential_spec: Option, - /// GMSACredentialSpecName is the name of the GMSA credential spec to use. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] - pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. - /// All of a Pod's containers must have the same effective HostProcess value - /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - /// In addition, if HostProcess is true then HostNetwork must also be set to true. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] - pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. - /// Defaults to the user specified in image metadata if unspecified. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] - pub run_as_user_name: Option, -} - -/// StartupProbe indicates that the Pod has successfully initialized. -/// If specified, no other probes are executed until this completes successfully. -/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. -/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, -/// when it might take a long time to load data or warm a cache, than during steady-state operation. -/// This cannot be updated. -/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersStartupProbe { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - /// Defaults to 3. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. - /// Default to 10 seconds. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. - /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - /// The grace period is the duration in seconds after the processes running in the pod are sent - /// a termination signal and the time when the processes are forcibly halted with a kill signal. - /// Set this value longer than the expected cleanup time for your process. - /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - /// value overrides the value provided by the pod spec. - /// Value must be non-negative integer. The value zero indicates stop immediately via - /// the kill signal (no opportunity to shut down). - /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. - /// Defaults to 1 second. Minimum value is 1. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// GRPC specifies an action involving a GRPC port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersStartupProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. - pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest - /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// - /// - /// If this is not specified, the default behavior is defined by gRPC. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// TCPSocket specifies an action involving a TCP port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersStartupProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// volumeDevice describes a mapping of a raw block device within a container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersVolumeDevices { - /// devicePath is the path inside of the container that the device will be mapped to. - #[serde(rename = "devicePath")] - pub device_path: String, - /// name must match the name of a persistentVolumeClaim in the pod - pub name: String, -} - -/// VolumeMount describes a mounting of a Volume within a container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must - /// not contain ':'. - #[serde(rename = "mountPath")] - pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host - /// to container and the other way around. - /// When not set, MountPropagationNone is used. - /// This field is beta in 1.10. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] - pub mount_propagation: Option, - /// This must match the Name of a Volume. - pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. - /// Defaults to "" (volume's root). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] - pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. - /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - /// Defaults to "" (volume's root). - /// SubPathExpr and SubPath are mutually exclusive. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] - pub sub_path_expr: Option, -} - -/// Specifies the DNS parameters of a pod. -/// Parameters specified here will be merged to the generated DNS -/// configuration based on DNSPolicy. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecDnsConfig { - /// A list of DNS name server IP addresses. - /// This will be appended to the base nameservers generated from DNSPolicy. - /// Duplicated nameservers will be removed. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub nameservers: Option>, - /// A list of DNS resolver options. - /// This will be merged with the base options generated from DNSPolicy. - /// Duplicated entries will be removed. Resolution options given in Options - /// will override those that appear in the base DNSPolicy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub options: Option>, - /// A list of DNS search domains for host-name lookup. - /// This will be appended to the base search paths generated from DNSPolicy. - /// Duplicated search paths will be removed. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub searches: Option>, -} - -/// PodDNSConfigOption defines DNS resolver options of a pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecDnsConfigOptions { - /// Required. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, -} - -/// An EphemeralContainer is a temporary container that you may add to an existing Pod for -/// user-initiated activities such as debugging. Ephemeral containers have no resource or -/// scheduling guarantees, and they will not be restarted when they exit or when a Pod is -/// removed or restarted. The kubelet may evict a Pod if an ephemeral container causes the -/// Pod to exceed its resource allocation. -/// -/// -/// To add an ephemeral container, use the ephemeralcontainers subresource of an existing -/// Pod. Ephemeral containers may not be removed or restarted. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainers { - /// Arguments to the entrypoint. - /// The image's CMD is used if this is not provided. - /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - /// of whether the variable exists or not. Cannot be updated. - /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Entrypoint array. Not executed within a shell. - /// The image's ENTRYPOINT is used if this is not provided. - /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - /// of whether the variable exists or not. Cannot be updated. - /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, - /// List of environment variables to set in the container. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// List of sources to populate environment variables in the container. - /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys - /// will be reported as an event when the container is starting. When a key exists in multiple - /// sources, the value associated with the last source will take precedence. - /// Values defined by an Env with a duplicate key will take precedence. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] - pub env_from: Option>, - /// Container image name. - /// More info: https://kubernetes.io/docs/concepts/containers/images - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Image pull policy. - /// One of Always, Never, IfNotPresent. - /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. - /// Cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] - pub image_pull_policy: Option, - /// Lifecycle is not allowed for ephemeral containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lifecycle: Option, - /// Probes are not allowed for ephemeral containers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] - pub liveness_probe: Option, - /// Name of the ephemeral container specified as a DNS_LABEL. - /// This name must be unique among all containers, init containers and ephemeral containers. - pub name: String, - /// Ports are not allowed for ephemeral containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ports: Option>, - /// Probes are not allowed for ephemeral containers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] - pub readiness_probe: Option, - /// Resources resize policy for the container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] - pub resize_policy: Option>, - /// Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources - /// already allocated to the pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// Restart policy for the container to manage the restart behavior of each - /// container within a pod. - /// This may only be set for init containers. You cannot set this field on - /// ephemeral containers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] - pub restart_policy: Option, - /// Optional: SecurityContext defines the security options the ephemeral container should be run with. - /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] - pub security_context: Option, - /// Probes are not allowed for ephemeral containers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] - pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this - /// is not set, reads from stdin in the container will always result in EOF. - /// Default is false. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by - /// a single attach. When stdin is true the stdin stream will remain open across multiple attach - /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the - /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, - /// at which time stdin is closed and remains closed until the container is restarted. If this - /// flag is false, a container processes that reads from stdin will never receive an EOF. - /// Default is false - #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] - pub stdin_once: Option, - /// If set, the name of the container from PodSpec that this ephemeral container targets. - /// The ephemeral container will be run in the namespaces (IPC, PID, etc) of this container. - /// If not set then the ephemeral container uses the namespaces configured in the Pod spec. - /// - /// - /// The container runtime must implement support for this feature. If the runtime does not - /// support namespace targeting then the result of setting this field is undefined. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetContainerName")] - pub target_container_name: Option, - /// Optional: Path at which the file to which the container's termination message - /// will be written is mounted into the container's filesystem. - /// Message written is intended to be brief final status, such as an assertion failure message. - /// Will be truncated by the node if greater than 4096 bytes. The total message length across - /// all containers will be limited to 12kb. - /// Defaults to /dev/termination-log. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] - pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of - /// terminationMessagePath to populate the container status message on both success and failure. - /// FallbackToLogsOnError will use the last chunk of container log output if the termination - /// message file is empty and the container exited with an error. - /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. - /// Defaults to File. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] - pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. - /// Default is false. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tty: Option, - /// volumeDevices is the list of block devices to be used by the container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] - pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. Subpath mounts are not allowed for ephemeral containers. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] - pub volume_mounts: Option>, - /// Container's working directory. - /// If not specified, the container runtime's default will be used, which - /// might be configured in the container image. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] - pub working_dir: Option, -} - -/// EnvVar represents an environment variable present in a Container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// Selects a key of a secret in the pod's namespace -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// EnvFromSource represents the source of a set of ConfigMaps -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersEnvFrom { - /// The ConfigMap to select from - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] - pub config_map_ref: Option, - /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub prefix: Option, - /// The Secret to select from - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -/// The ConfigMap to select from -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersEnvFromConfigMapRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// The Secret to select from -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersEnvFromSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Lifecycle is not allowed for ephemeral containers. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, - /// the container is terminated and restarted according to its restart policy. - /// Other management of the container blocks until the hook completes. - /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks - #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] - pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an - /// API request or management event such as liveness/startup probe failure, - /// preemption, resource contention, etc. The handler is not called if the - /// container crashes or exits. The Pod's termination grace period countdown begins before the - /// PreStop hook is executed. Regardless of the outcome of the handler, the - /// container will eventually terminate within the Pod's termination grace - /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes - /// or until the termination grace period is reached. - /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] - pub pre_stop: Option, -} - -/// PostStart is called immediately after a container is created. If the handler fails, -/// the container is terminated and restarted according to its restart policy. -/// Other management of the container blocks until the hook completes. -/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLifecyclePostStart { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLifecyclePostStartTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// PreStop is called immediately before a container is terminated due to an -/// API request or management event such as liveness/startup probe failure, -/// preemption, resource contention, etc. The handler is not called if the -/// container crashes or exits. The Pod's termination grace period countdown begins before the -/// PreStop hook is executed. Regardless of the outcome of the handler, the -/// container will eventually terminate within the Pod's termination grace -/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes -/// or until the termination grace period is reached. -/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLifecyclePreStop { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLifecyclePreStopTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// Probes are not allowed for ephemeral containers. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLivenessProbe { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - /// Defaults to 3. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. - /// Default to 10 seconds. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. - /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - /// The grace period is the duration in seconds after the processes running in the pod are sent - /// a termination signal and the time when the processes are forcibly halted with a kill signal. - /// Set this value longer than the expected cleanup time for your process. - /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - /// value overrides the value provided by the pod spec. - /// Value must be non-negative integer. The value zero indicates stop immediately via - /// the kill signal (no opportunity to shut down). - /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. - /// Defaults to 1 second. Minimum value is 1. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// GRPC specifies an action involving a GRPC port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLivenessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. - pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest - /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// - /// - /// If this is not specified, the default behavior is defined by gRPC. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// TCPSocket specifies an action involving a TCP port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersLivenessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// ContainerPort represents a network port in a single container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersPorts { - /// Number of port to expose on the pod's IP address. - /// This must be a valid port number, 0 < x < 65536. - #[serde(rename = "containerPort")] - pub container_port: i32, - /// What host IP to bind the external port to. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] - pub host_ip: Option, - /// Number of port to expose on the host. - /// If specified, this must be a valid port number, 0 < x < 65536. - /// If HostNetwork is specified, this must match ContainerPort. - /// Most containers do not need this. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] - pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each - /// named port in a pod must have a unique name. Name for the port that can be - /// referred to by services. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. - /// Defaults to "TCP". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub protocol: Option, -} - -/// Probes are not allowed for ephemeral containers. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersReadinessProbe { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - /// Defaults to 3. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. - /// Default to 10 seconds. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. - /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - /// The grace period is the duration in seconds after the processes running in the pod are sent - /// a termination signal and the time when the processes are forcibly halted with a kill signal. - /// Set this value longer than the expected cleanup time for your process. - /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - /// value overrides the value provided by the pod spec. - /// Value must be non-negative integer. The value zero indicates stop immediately via - /// the kill signal (no opportunity to shut down). - /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. - /// Defaults to 1 second. Minimum value is 1. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// GRPC specifies an action involving a GRPC port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersReadinessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. - pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest - /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// - /// - /// If this is not specified, the default behavior is defined by gRPC. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// TCPSocket specifies an action involving a TCP port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersReadinessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// ContainerResizePolicy represents resource resize policy for the container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. - /// Supported values: cpu, memory. - #[serde(rename = "resourceName")] - pub resource_name: String, - /// Restart policy to apply when specified resource is resized. - /// If not specified, it defaults to NotRequired. - #[serde(rename = "restartPolicy")] - pub restart_policy: String, -} - -/// Resources are not allowed for ephemeral containers. Ephemeral containers use spare resources -/// already allocated to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - -/// Optional: SecurityContext defines the security options the ephemeral container should be run with. -/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more - /// privileges than its parent process. This bool directly controls if - /// the no_new_privs flag will be set on the container process. - /// AllowPrivilegeEscalation is true always when the container is: - /// 1) run as Privileged - /// 2) has CAP_SYS_ADMIN - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] - pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. - /// Defaults to the default set of capabilities granted by the container runtime. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub capabilities: Option, - /// Run container in privileged mode. - /// Processes in privileged containers are essentially equivalent to root on the host. - /// Defaults to false. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for - /// readonly paths and masked paths. - /// This requires the ProcMountType feature flag to be enabled. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] - pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. - /// Default is false. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] - pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. - /// Uses runtime default if unset. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] - pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. - /// If true, the Kubelet will validate the image at runtime to ensure that it - /// does not run as UID 0 (root) and fail to start the container if it does. - /// If unset or false, no such validation will be performed. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] - pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. - /// Defaults to user specified in image metadata if unspecified. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] - pub run_as_user: Option, - /// The SELinux context to be applied to the container. - /// If unspecified, the container runtime will allocate a random SELinux context for each - /// container. May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] - pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are - /// provided at both the pod & container level, the container options - /// override the pod options. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] - pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. - /// If unspecified, the options from the PodSecurityContext will be used. - /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is linux. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] - pub windows_options: Option, -} - -/// The capabilities to add/drop when running containers. -/// Defaults to the default set of capabilities granted by the container runtime. -/// Note that this field cannot be set when spec.os.name is windows. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersSecurityContextCapabilities { - /// Added capabilities - #[serde(default, skip_serializing_if = "Option::is_none")] - pub add: Option>, - /// Removed capabilities - #[serde(default, skip_serializing_if = "Option::is_none")] - pub drop: Option>, -} - -/// The SELinux context to be applied to the container. -/// If unspecified, the container runtime will allocate a random SELinux context for each -/// container. May also be set in PodSecurityContext. If set in both SecurityContext and -/// PodSecurityContext, the value specified in SecurityContext takes precedence. -/// Note that this field cannot be set when spec.os.name is windows. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersSecurityContextSeLinuxOptions { - /// Level is SELinux level label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub level: Option, - /// Role is a SELinux role label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub role: Option, - /// Type is a SELinux type label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, - /// User is a SELinux user label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// The seccomp options to use by this container. If seccomp options are -/// provided at both the pod & container level, the container options -/// override the pod options. -/// Note that this field cannot be set when spec.os.name is windows. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. - /// The profile must be preconfigured on the node to work. - /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must be set if type is "Localhost". Must NOT be set for any other type. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. - /// Valid options are: - /// - /// - /// Localhost - a profile defined in a file on the node should be used. - /// RuntimeDefault - the container runtime default profile should be used. - /// Unconfined - no profile should be applied. - #[serde(rename = "type")] - pub r#type: String, -} - -/// The Windows specific settings applied to all containers. -/// If unspecified, the options from the PodSecurityContext will be used. -/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -/// Note that this field cannot be set when spec.os.name is linux. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook - /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - /// GMSA credential spec named by the GMSACredentialSpecName field. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] - pub gmsa_credential_spec: Option, - /// GMSACredentialSpecName is the name of the GMSA credential spec to use. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] - pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. - /// All of a Pod's containers must have the same effective HostProcess value - /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - /// In addition, if HostProcess is true then HostNetwork must also be set to true. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] - pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. - /// Defaults to the user specified in image metadata if unspecified. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] - pub run_as_user_name: Option, -} - -/// Probes are not allowed for ephemeral containers. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersStartupProbe { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - /// Defaults to 3. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. - /// Default to 10 seconds. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. - /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - /// The grace period is the duration in seconds after the processes running in the pod are sent - /// a termination signal and the time when the processes are forcibly halted with a kill signal. - /// Set this value longer than the expected cleanup time for your process. - /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - /// value overrides the value provided by the pod spec. - /// Value must be non-negative integer. The value zero indicates stop immediately via - /// the kill signal (no opportunity to shut down). - /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. - /// Defaults to 1 second. Minimum value is 1. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// GRPC specifies an action involving a GRPC port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersStartupProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. - pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest - /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// - /// - /// If this is not specified, the default behavior is defined by gRPC. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// TCPSocket specifies an action involving a TCP port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersStartupProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// volumeDevice describes a mapping of a raw block device within a container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersVolumeDevices { - /// devicePath is the path inside of the container that the device will be mapped to. - #[serde(rename = "devicePath")] - pub device_path: String, - /// name must match the name of a persistentVolumeClaim in the pod - pub name: String, -} - -/// VolumeMount describes a mounting of a Volume within a container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecEphemeralContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must - /// not contain ':'. - #[serde(rename = "mountPath")] - pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host - /// to container and the other way around. - /// When not set, MountPropagationNone is used. - /// This field is beta in 1.10. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] - pub mount_propagation: Option, - /// This must match the Name of a Volume. - pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. - /// Defaults to "" (volume's root). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] - pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. - /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - /// Defaults to "" (volume's root). - /// SubPathExpr and SubPath are mutually exclusive. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] - pub sub_path_expr: Option, -} - -/// HostAlias holds the mapping between IP and hostnames that will be injected as an entry in the -/// pod's hosts file. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecHostAliases { - /// Hostnames for the above IP address. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub hostnames: Option>, - /// IP address of the host file entry. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ip: Option, -} - -/// LocalObjectReference contains enough information to let you locate the -/// referenced object inside the same namespace. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecImagePullSecrets { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// A single application container that you want to run within a pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainers { - /// Arguments to the entrypoint. - /// The container image's CMD is used if this is not provided. - /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - /// of whether the variable exists or not. Cannot be updated. - /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// Entrypoint array. Not executed within a shell. - /// The container image's ENTRYPOINT is used if this is not provided. - /// Variable references $(VAR_NAME) are expanded using the container's environment. If a variable - /// cannot be resolved, the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. "$$(VAR_NAME)" will - /// produce the string literal "$(VAR_NAME)". Escaped references will never be expanded, regardless - /// of whether the variable exists or not. Cannot be updated. - /// More info: https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/#running-a-command-in-a-shell - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, - /// List of environment variables to set in the container. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// List of sources to populate environment variables in the container. - /// The keys defined within a source must be a C_IDENTIFIER. All invalid keys - /// will be reported as an event when the container is starting. When a key exists in multiple - /// sources, the value associated with the last source will take precedence. - /// Values defined by an Env with a duplicate key will take precedence. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "envFrom")] - pub env_from: Option>, - /// Container image name. - /// More info: https://kubernetes.io/docs/concepts/containers/images - /// This field is optional to allow higher level config management to default or override - /// container images in workload controllers like Deployments and StatefulSets. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, - /// Image pull policy. - /// One of Always, Never, IfNotPresent. - /// Defaults to Always if :latest tag is specified, or IfNotPresent otherwise. - /// Cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/containers/images#updating-images - #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] - pub image_pull_policy: Option, - /// Actions that the management system should take in response to container lifecycle events. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lifecycle: Option, - /// Periodic probe of container liveness. - /// Container will be restarted if the probe fails. - /// Cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "livenessProbe")] - pub liveness_probe: Option, - /// Name of the container specified as a DNS_LABEL. - /// Each container in a pod must have a unique name (DNS_LABEL). - /// Cannot be updated. - pub name: String, - /// List of ports to expose from the container. Not specifying a port here - /// DOES NOT prevent that port from being exposed. Any port which is - /// listening on the default "0.0.0.0" address inside a container will be - /// accessible from the network. - /// Modifying this array with strategic merge patch may corrupt the data. - /// For more information See https://github.com/kubernetes/kubernetes/issues/108255. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ports: Option>, - /// Periodic probe of container service readiness. - /// Container will be removed from service endpoints if the probe fails. - /// Cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readinessProbe")] - pub readiness_probe: Option, - /// Resources resize policy for the container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resizePolicy")] - pub resize_policy: Option>, - /// Compute Resources required by this container. - /// Cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// RestartPolicy defines the restart behavior of individual containers in a pod. - /// This field may only be set for init containers, and the only allowed value is "Always". - /// For non-init containers or when this field is not specified, - /// the restart behavior is defined by the Pod's restart policy and the container type. - /// Setting the RestartPolicy as "Always" for the init container will have the following effect: - /// this init container will be continually restarted on - /// exit until all regular containers have terminated. Once all regular - /// containers have completed, all init containers with restartPolicy "Always" - /// will be shut down. This lifecycle differs from normal init containers and - /// is often referred to as a "sidecar" container. Although this init - /// container still starts in the init container sequence, it does not wait - /// for the container to complete before proceeding to the next init - /// container. Instead, the next init container starts immediately after this - /// init container is started, or after any startupProbe has successfully - /// completed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "restartPolicy")] - pub restart_policy: Option, - /// SecurityContext defines the security options the container should be run with. - /// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. - /// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ - #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] - pub security_context: Option, - /// StartupProbe indicates that the Pod has successfully initialized. - /// If specified, no other probes are executed until this completes successfully. - /// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. - /// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, - /// when it might take a long time to load data or warm a cache, than during steady-state operation. - /// This cannot be updated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "startupProbe")] - pub startup_probe: Option, - /// Whether this container should allocate a buffer for stdin in the container runtime. If this - /// is not set, reads from stdin in the container will always result in EOF. - /// Default is false. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub stdin: Option, - /// Whether the container runtime should close the stdin channel after it has been opened by - /// a single attach. When stdin is true the stdin stream will remain open across multiple attach - /// sessions. If stdinOnce is set to true, stdin is opened on container start, is empty until the - /// first client attaches to stdin, and then remains open and accepts data until the client disconnects, - /// at which time stdin is closed and remains closed until the container is restarted. If this - /// flag is false, a container processes that reads from stdin will never receive an EOF. - /// Default is false - #[serde(default, skip_serializing_if = "Option::is_none", rename = "stdinOnce")] - pub stdin_once: Option, - /// Optional: Path at which the file to which the container's termination message - /// will be written is mounted into the container's filesystem. - /// Message written is intended to be brief final status, such as an assertion failure message. - /// Will be truncated by the node if greater than 4096 bytes. The total message length across - /// all containers will be limited to 12kb. - /// Defaults to /dev/termination-log. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePath")] - pub termination_message_path: Option, - /// Indicate how the termination message should be populated. File will use the contents of - /// terminationMessagePath to populate the container status message on both success and failure. - /// FallbackToLogsOnError will use the last chunk of container log output if the termination - /// message file is empty and the container exited with an error. - /// The log output is limited to 2048 bytes or 80 lines, whichever is smaller. - /// Defaults to File. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationMessagePolicy")] - pub termination_message_policy: Option, - /// Whether this container should allocate a TTY for itself, also requires 'stdin' to be true. - /// Default is false. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tty: Option, - /// volumeDevices is the list of block devices to be used by the container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeDevices")] - pub volume_devices: Option>, - /// Pod volumes to mount into the container's filesystem. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMounts")] - pub volume_mounts: Option>, - /// Container's working directory. - /// If not specified, the container runtime's default will be used, which - /// might be configured in the container image. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "workingDir")] - pub working_dir: Option, -} - -/// EnvVar represents an environment variable present in a Container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// Selects a key of a secret in the pod's namespace -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// EnvFromSource represents the source of a set of ConfigMaps -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersEnvFrom { - /// The ConfigMap to select from - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapRef")] - pub config_map_ref: Option, - /// An optional identifier to prepend to each key in the ConfigMap. Must be a C_IDENTIFIER. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub prefix: Option, - /// The Secret to select from - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -/// The ConfigMap to select from -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersEnvFromConfigMapRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// The Secret to select from -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersEnvFromSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Actions that the management system should take in response to container lifecycle events. -/// Cannot be updated. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLifecycle { - /// PostStart is called immediately after a container is created. If the handler fails, - /// the container is terminated and restarted according to its restart policy. - /// Other management of the container blocks until the hook completes. - /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks - #[serde(default, skip_serializing_if = "Option::is_none", rename = "postStart")] - pub post_start: Option, - /// PreStop is called immediately before a container is terminated due to an - /// API request or management event such as liveness/startup probe failure, - /// preemption, resource contention, etc. The handler is not called if the - /// container crashes or exits. The Pod's termination grace period countdown begins before the - /// PreStop hook is executed. Regardless of the outcome of the handler, the - /// container will eventually terminate within the Pod's termination grace - /// period (unless delayed by finalizers). Other management of the container blocks until the hook completes - /// or until the termination grace period is reached. - /// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks - #[serde(default, skip_serializing_if = "Option::is_none", rename = "preStop")] - pub pre_stop: Option, -} - -/// PostStart is called immediately after a container is created. If the handler fails, -/// the container is terminated and restarted according to its restart policy. -/// Other management of the container blocks until the hook completes. -/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLifecyclePostStart { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLifecyclePostStartExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLifecyclePostStartHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLifecyclePostStartHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLifecyclePostStartTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// PreStop is called immediately before a container is terminated due to an -/// API request or management event such as liveness/startup probe failure, -/// preemption, resource contention, etc. The handler is not called if the -/// container crashes or exits. The Pod's termination grace period countdown begins before the -/// PreStop hook is executed. Regardless of the outcome of the handler, the -/// container will eventually terminate within the Pod's termination grace -/// period (unless delayed by finalizers). Other management of the container blocks until the hook completes -/// or until the termination grace period is reached. -/// More info: https://kubernetes.io/docs/concepts/containers/container-lifecycle-hooks/#container-hooks -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLifecyclePreStop { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept - /// for the backward compatibility. There are no validation of this field and - /// lifecycle hooks will fail in runtime when tcp handler is specified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLifecyclePreStopExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLifecyclePreStopHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLifecyclePreStopHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept -/// for the backward compatibility. There are no validation of this field and -/// lifecycle hooks will fail in runtime when tcp handler is specified. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLifecyclePreStopTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// Periodic probe of container liveness. -/// Container will be restarted if the probe fails. -/// Cannot be updated. -/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLivenessProbe { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - /// Defaults to 3. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. - /// Default to 10 seconds. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. - /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - /// The grace period is the duration in seconds after the processes running in the pod are sent - /// a termination signal and the time when the processes are forcibly halted with a kill signal. - /// Set this value longer than the expected cleanup time for your process. - /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - /// value overrides the value provided by the pod spec. - /// Value must be non-negative integer. The value zero indicates stop immediately via - /// the kill signal (no opportunity to shut down). - /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. - /// Defaults to 1 second. Minimum value is 1. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLivenessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// GRPC specifies an action involving a GRPC port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLivenessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. - pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest - /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// - /// - /// If this is not specified, the default behavior is defined by gRPC. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLivenessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLivenessProbeHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// TCPSocket specifies an action involving a TCP port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersLivenessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// ContainerPort represents a network port in a single container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersPorts { - /// Number of port to expose on the pod's IP address. - /// This must be a valid port number, 0 < x < 65536. - #[serde(rename = "containerPort")] - pub container_port: i32, - /// What host IP to bind the external port to. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostIP")] - pub host_ip: Option, - /// Number of port to expose on the host. - /// If specified, this must be a valid port number, 0 < x < 65536. - /// If HostNetwork is specified, this must match ContainerPort. - /// Most containers do not need this. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPort")] - pub host_port: Option, - /// If specified, this must be an IANA_SVC_NAME and unique within the pod. Each - /// named port in a pod must have a unique name. Name for the port that can be - /// referred to by services. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Protocol for port. Must be UDP, TCP, or SCTP. - /// Defaults to "TCP". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub protocol: Option, -} - -/// Periodic probe of container service readiness. -/// Container will be removed from service endpoints if the probe fails. -/// Cannot be updated. -/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersReadinessProbe { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - /// Defaults to 3. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. - /// Default to 10 seconds. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. - /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - /// The grace period is the duration in seconds after the processes running in the pod are sent - /// a termination signal and the time when the processes are forcibly halted with a kill signal. - /// Set this value longer than the expected cleanup time for your process. - /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - /// value overrides the value provided by the pod spec. - /// Value must be non-negative integer. The value zero indicates stop immediately via - /// the kill signal (no opportunity to shut down). - /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. - /// Defaults to 1 second. Minimum value is 1. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersReadinessProbeExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// GRPC specifies an action involving a GRPC port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersReadinessProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. - pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest - /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// - /// - /// If this is not specified, the default behavior is defined by gRPC. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersReadinessProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersReadinessProbeHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// TCPSocket specifies an action involving a TCP port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersReadinessProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// ContainerResizePolicy represents resource resize policy for the container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersResizePolicy { - /// Name of the resource to which this resource resize policy applies. - /// Supported values: cpu, memory. - #[serde(rename = "resourceName")] - pub resource_name: String, - /// Restart policy to apply when specified resource is resized. - /// If not specified, it defaults to NotRequired. - #[serde(rename = "restartPolicy")] - pub restart_policy: String, -} - -/// Compute Resources required by this container. -/// Cannot be updated. -/// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - -/// SecurityContext defines the security options the container should be run with. -/// If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. -/// More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersSecurityContext { - /// AllowPrivilegeEscalation controls whether a process can gain more - /// privileges than its parent process. This bool directly controls if - /// the no_new_privs flag will be set on the container process. - /// AllowPrivilegeEscalation is true always when the container is: - /// 1) run as Privileged - /// 2) has CAP_SYS_ADMIN - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] - pub allow_privilege_escalation: Option, - /// The capabilities to add/drop when running containers. - /// Defaults to the default set of capabilities granted by the container runtime. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub capabilities: Option, - /// Run container in privileged mode. - /// Processes in privileged containers are essentially equivalent to root on the host. - /// Defaults to false. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub privileged: Option, - /// procMount denotes the type of proc mount to use for the containers. - /// The default is DefaultProcMount which uses the container runtime defaults for - /// readonly paths and masked paths. - /// This requires the ProcMountType feature flag to be enabled. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "procMount")] - pub proc_mount: Option, - /// Whether this container has a read-only root filesystem. - /// Default is false. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnlyRootFilesystem")] - pub read_only_root_filesystem: Option, - /// The GID to run the entrypoint of the container process. - /// Uses runtime default if unset. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] - pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. - /// If true, the Kubelet will validate the image at runtime to ensure that it - /// does not run as UID 0 (root) and fail to start the container if it does. - /// If unset or false, no such validation will be performed. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] - pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. - /// Defaults to user specified in image metadata if unspecified. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] - pub run_as_user: Option, - /// The SELinux context to be applied to the container. - /// If unspecified, the container runtime will allocate a random SELinux context for each - /// container. May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] - pub se_linux_options: Option, - /// The seccomp options to use by this container. If seccomp options are - /// provided at both the pod & container level, the container options - /// override the pod options. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] - pub seccomp_profile: Option, - /// The Windows specific settings applied to all containers. - /// If unspecified, the options from the PodSecurityContext will be used. - /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is linux. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] - pub windows_options: Option, -} - -/// The capabilities to add/drop when running containers. -/// Defaults to the default set of capabilities granted by the container runtime. -/// Note that this field cannot be set when spec.os.name is windows. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersSecurityContextCapabilities { - /// Added capabilities - #[serde(default, skip_serializing_if = "Option::is_none")] - pub add: Option>, - /// Removed capabilities - #[serde(default, skip_serializing_if = "Option::is_none")] - pub drop: Option>, -} - -/// The SELinux context to be applied to the container. -/// If unspecified, the container runtime will allocate a random SELinux context for each -/// container. May also be set in PodSecurityContext. If set in both SecurityContext and -/// PodSecurityContext, the value specified in SecurityContext takes precedence. -/// Note that this field cannot be set when spec.os.name is windows. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersSecurityContextSeLinuxOptions { - /// Level is SELinux level label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub level: Option, - /// Role is a SELinux role label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub role: Option, - /// Type is a SELinux type label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, - /// User is a SELinux user label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// The seccomp options to use by this container. If seccomp options are -/// provided at both the pod & container level, the container options -/// override the pod options. -/// Note that this field cannot be set when spec.os.name is windows. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. - /// The profile must be preconfigured on the node to work. - /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must be set if type is "Localhost". Must NOT be set for any other type. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. - /// Valid options are: - /// - /// - /// Localhost - a profile defined in a file on the node should be used. - /// RuntimeDefault - the container runtime default profile should be used. - /// Unconfined - no profile should be applied. - #[serde(rename = "type")] - pub r#type: String, -} - -/// The Windows specific settings applied to all containers. -/// If unspecified, the options from the PodSecurityContext will be used. -/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -/// Note that this field cannot be set when spec.os.name is linux. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook - /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - /// GMSA credential spec named by the GMSACredentialSpecName field. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] - pub gmsa_credential_spec: Option, - /// GMSACredentialSpecName is the name of the GMSA credential spec to use. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] - pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. - /// All of a Pod's containers must have the same effective HostProcess value - /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - /// In addition, if HostProcess is true then HostNetwork must also be set to true. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] - pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. - /// Defaults to the user specified in image metadata if unspecified. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] - pub run_as_user_name: Option, -} - -/// StartupProbe indicates that the Pod has successfully initialized. -/// If specified, no other probes are executed until this completes successfully. -/// If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. -/// This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, -/// when it might take a long time to load data or warm a cache, than during steady-state operation. -/// This cannot be updated. -/// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersStartupProbe { - /// Exec specifies the action to take. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub exec: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - /// Defaults to 3. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// GRPC specifies an action involving a GRPC port. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub grpc: Option, - /// HTTPGet specifies the http request to perform. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] - pub http_get: Option, - /// Number of seconds after the container has started before liveness probes are initiated. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - /// How often (in seconds) to perform the probe. - /// Default to 10 seconds. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Minimum consecutive successes for the probe to be considered successful after having failed. - /// Defaults to 1. Must be 1 for liveness and startup. Minimum value is 1. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - /// TCPSocket specifies an action involving a TCP port. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpSocket")] - pub tcp_socket: Option, - /// Optional duration in seconds the pod needs to terminate gracefully upon probe failure. - /// The grace period is the duration in seconds after the processes running in the pod are sent - /// a termination signal and the time when the processes are forcibly halted with a kill signal. - /// Set this value longer than the expected cleanup time for your process. - /// If this value is nil, the pod's terminationGracePeriodSeconds will be used. Otherwise, this - /// value overrides the value provided by the pod spec. - /// Value must be non-negative integer. The value zero indicates stop immediately via - /// the kill signal (no opportunity to shut down). - /// This is a beta field and requires enabling ProbeTerminationGracePeriod feature gate. - /// Minimum value is 1. spec.terminationGracePeriodSeconds is used if unset. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "terminationGracePeriodSeconds")] - pub termination_grace_period_seconds: Option, - /// Number of seconds after which the probe times out. - /// Defaults to 1 second. Minimum value is 1. - /// More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Exec specifies the action to take. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersStartupProbeExec { - /// Command is the command line to execute inside the container, the working directory for the - /// command is root ('/') in the container's filesystem. The command is simply exec'd, it is - /// not run inside a shell, so traditional shell instructions ('|', etc) won't work. To use - /// a shell, you need to explicitly call out to that shell. - /// Exit status of 0 is treated as live/healthy and non-zero is unhealthy. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub command: Option>, -} - -/// GRPC specifies an action involving a GRPC port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersStartupProbeGrpc { - /// Port number of the gRPC service. Number must be in the range 1 to 65535. - pub port: i32, - /// Service is the name of the service to place in the gRPC HealthCheckRequest - /// (see https://github.com/grpc/grpc/blob/master/doc/health-checking.md). - /// - /// - /// If this is not specified, the default behavior is defined by gRPC. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub service: Option, -} - -/// HTTPGet specifies the http request to perform. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersStartupProbeHttpGet { - /// Host name to connect to, defaults to the pod IP. You probably want to set - /// "Host" in httpHeaders instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Custom headers to set in the request. HTTP allows repeated headers. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpHeaders")] - pub http_headers: Option>, - /// Path to access on the HTTP server. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// Name or number of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, - /// Scheme to use for connecting to the host. - /// Defaults to HTTP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scheme: Option, -} - -/// HTTPHeader describes a custom header to be used in HTTP probes -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersStartupProbeHttpGetHttpHeaders { - /// The header field name. - /// This will be canonicalized upon output, so case-variant names will be understood as the same header. - pub name: String, - /// The header field value - pub value: String, -} - -/// TCPSocket specifies an action involving a TCP port. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersStartupProbeTcpSocket { - /// Optional: Host name to connect to, defaults to the pod IP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub host: Option, - /// Number or name of the port to access on the container. - /// Number must be in the range 1 to 65535. - /// Name must be an IANA_SVC_NAME. - pub port: IntOrString, -} - -/// volumeDevice describes a mapping of a raw block device within a container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersVolumeDevices { - /// devicePath is the path inside of the container that the device will be mapped to. - #[serde(rename = "devicePath")] - pub device_path: String, - /// name must match the name of a persistentVolumeClaim in the pod - pub name: String, -} - -/// VolumeMount describes a mounting of a Volume within a container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecInitContainersVolumeMounts { - /// Path within the container at which the volume should be mounted. Must - /// not contain ':'. - #[serde(rename = "mountPath")] - pub mount_path: String, - /// mountPropagation determines how mounts are propagated from the host - /// to container and the other way around. - /// When not set, MountPropagationNone is used. - /// This field is beta in 1.10. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] - pub mount_propagation: Option, - /// This must match the Name of a Volume. - pub name: String, - /// Mounted read-only if true, read-write otherwise (false or unspecified). - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// Path within the volume from which the container's volume should be mounted. - /// Defaults to "" (volume's root). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] - pub sub_path: Option, - /// Expanded path within the volume from which the container's volume should be mounted. - /// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. - /// Defaults to "" (volume's root). - /// SubPathExpr and SubPath are mutually exclusive. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPathExpr")] - pub sub_path_expr: Option, -} - -/// Specifies the OS of the containers in the pod. -/// Some pod and container fields are restricted if this is set. -/// -/// -/// If the OS field is set to linux, the following fields must be unset: -/// -securityContext.windowsOptions -/// -/// -/// If the OS field is set to windows, following fields must be unset: -/// - spec.hostPID -/// - spec.hostIPC -/// - spec.hostUsers -/// - spec.securityContext.seLinuxOptions -/// - spec.securityContext.seccompProfile -/// - spec.securityContext.fsGroup -/// - spec.securityContext.fsGroupChangePolicy -/// - spec.securityContext.sysctls -/// - spec.shareProcessNamespace -/// - spec.securityContext.runAsUser -/// - spec.securityContext.runAsGroup -/// - spec.securityContext.supplementalGroups -/// - spec.containers[*].securityContext.seLinuxOptions -/// - spec.containers[*].securityContext.seccompProfile -/// - spec.containers[*].securityContext.capabilities -/// - spec.containers[*].securityContext.readOnlyRootFilesystem -/// - spec.containers[*].securityContext.privileged -/// - spec.containers[*].securityContext.allowPrivilegeEscalation -/// - spec.containers[*].securityContext.procMount -/// - spec.containers[*].securityContext.runAsUser -/// - spec.containers[*].securityContext.runAsGroup -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecOs { - /// Name is the name of the operating system. The currently supported values are linux and windows. - /// Additional value may be defined in future and can be one of: - /// https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration - /// Clients should expect to handle additional values and treat unrecognized values in this field as os: null - pub name: String, -} - -/// PodReadinessGate contains the reference to a pod condition -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecReadinessGates { - /// ConditionType refers to a condition in the pod's condition list with matching type. - #[serde(rename = "conditionType")] - pub condition_type: String, -} - -/// PodResourceClaim references exactly one ResourceClaim through a ClaimSource. -/// It adds a name to it that uniquely identifies the ResourceClaim inside the Pod. -/// Containers that need access to the ResourceClaim reference it with this name. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecResourceClaims { - /// Name uniquely identifies this resource claim inside the pod. - /// This must be a DNS_LABEL. - pub name: String, - /// Source describes where to find the ResourceClaim. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub source: Option, -} - -/// Source describes where to find the ResourceClaim. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecResourceClaimsSource { - /// ResourceClaimName is the name of a ResourceClaim object in the same - /// namespace as this pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaimName")] - pub resource_claim_name: Option, - /// ResourceClaimTemplateName is the name of a ResourceClaimTemplate - /// object in the same namespace as this pod. - /// - /// - /// The template will be used to create a new ResourceClaim, which will - /// be bound to this pod. When this pod is deleted, the ResourceClaim - /// will also be deleted. The pod name and resource name, along with a - /// generated component, will be used to form a unique name for the - /// ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. - /// - /// - /// This field is immutable and no changes will be made to the - /// corresponding ResourceClaim by the control plane after creating the - /// ResourceClaim. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceClaimTemplateName")] - pub resource_claim_template_name: Option, -} - -/// PodSchedulingGate is associated to a Pod to guard its scheduling. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecSchedulingGates { - /// Name of the scheduling gate. - /// Each scheduling gate must have a unique name field. - pub name: String, -} - -/// SecurityContext holds pod-level security attributes and common container settings. -/// Optional: Defaults to empty. See type description for default values of each field. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecSecurityContext { - /// A special supplemental group that applies to all containers in a pod. - /// Some volume types allow the Kubelet to change the ownership of that volume - /// to be owned by the pod: - /// - /// - /// 1. The owning GID will be the FSGroup - /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) - /// 3. The permission bits are OR'd with rw-rw---- - /// - /// - /// If unset, the Kubelet will not modify the ownership and permissions of any volume. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] - pub fs_group: Option, - /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume - /// before being exposed inside Pod. This field will only apply to - /// volume types which support fsGroup based ownership(and permissions). - /// It will have no effect on ephemeral volume types such as: secret, configmaps - /// and emptydir. - /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] - pub fs_group_change_policy: Option, - /// The GID to run the entrypoint of the container process. - /// Uses runtime default if unset. - /// May also be set in SecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence - /// for that container. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] - pub run_as_group: Option, - /// Indicates that the container must run as a non-root user. - /// If true, the Kubelet will validate the image at runtime to ensure that it - /// does not run as UID 0 (root) and fail to start the container if it does. - /// If unset or false, no such validation will be performed. - /// May also be set in SecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] - pub run_as_non_root: Option, - /// The UID to run the entrypoint of the container process. - /// Defaults to user specified in image metadata if unspecified. - /// May also be set in SecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence - /// for that container. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] - pub run_as_user: Option, - /// The SELinux context to be applied to all containers. - /// If unspecified, the container runtime will allocate a random SELinux context for each - /// container. May also be set in SecurityContext. If set in - /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext - /// takes precedence for that container. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] - pub se_linux_options: Option, - /// The seccomp options to use by the containers in this pod. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] - pub seccomp_profile: Option, - /// A list of groups applied to the first process run in each container, in addition - /// to the container's primary GID, the fsGroup (if specified), and group memberships - /// defined in the container image for the uid of the container process. If unspecified, - /// no additional groups are added to any container. Note that group memberships - /// defined in the container image for the uid of the container process are still effective, - /// even if they are not included in this list. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] - pub supplemental_groups: Option>, - /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported - /// sysctls (by the container runtime) might fail to launch. - /// Note that this field cannot be set when spec.os.name is windows. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sysctls: Option>, - /// The Windows specific settings applied to all containers. - /// If unspecified, the options within a container's SecurityContext will be used. - /// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. - /// Note that this field cannot be set when spec.os.name is linux. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowsOptions")] - pub windows_options: Option, -} - -/// The SELinux context to be applied to all containers. -/// If unspecified, the container runtime will allocate a random SELinux context for each -/// container. May also be set in SecurityContext. If set in -/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext -/// takes precedence for that container. -/// Note that this field cannot be set when spec.os.name is windows. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecSecurityContextSeLinuxOptions { - /// Level is SELinux level label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub level: Option, - /// Role is a SELinux role label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub role: Option, - /// Type is a SELinux type label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, - /// User is a SELinux user label that applies to the container. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// The seccomp options to use by the containers in this pod. -/// Note that this field cannot be set when spec.os.name is windows. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecSecurityContextSeccompProfile { - /// localhostProfile indicates a profile defined in a file on the node should be used. - /// The profile must be preconfigured on the node to work. - /// Must be a descending path, relative to the kubelet's configured seccomp profile location. - /// Must be set if type is "Localhost". Must NOT be set for any other type. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] - pub localhost_profile: Option, - /// type indicates which kind of seccomp profile will be applied. - /// Valid options are: - /// - /// - /// Localhost - a profile defined in a file on the node should be used. - /// RuntimeDefault - the container runtime default profile should be used. - /// Unconfined - no profile should be applied. - #[serde(rename = "type")] - pub r#type: String, -} - -/// Sysctl defines a kernel parameter to be set -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecSecurityContextSysctls { - /// Name of a property to set - pub name: String, - /// Value of a property to set - pub value: String, -} - -/// The Windows specific settings applied to all containers. -/// If unspecified, the options within a container's SecurityContext will be used. -/// If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. -/// Note that this field cannot be set when spec.os.name is linux. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecSecurityContextWindowsOptions { - /// GMSACredentialSpec is where the GMSA admission webhook - /// (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the - /// GMSA credential spec named by the GMSACredentialSpecName field. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpec")] - pub gmsa_credential_spec: Option, - /// GMSACredentialSpecName is the name of the GMSA credential spec to use. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gmsaCredentialSpecName")] - pub gmsa_credential_spec_name: Option, - /// HostProcess determines if a container should be run as a 'Host Process' container. - /// All of a Pod's containers must have the same effective HostProcess value - /// (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). - /// In addition, if HostProcess is true then HostNetwork must also be set to true. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostProcess")] - pub host_process: Option, - /// The UserName in Windows to run the entrypoint of the container process. - /// Defaults to the user specified in image metadata if unspecified. - /// May also be set in PodSecurityContext. If set in both SecurityContext and - /// PodSecurityContext, the value specified in SecurityContext takes precedence. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUserName")] - pub run_as_user_name: Option, -} - -/// The pod this Toleration is attached to tolerates any taint that matches -/// the triple using the matching operator . -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecTolerations { - /// Effect indicates the taint effect to match. Empty means match all taint effects. - /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub effect: Option, - /// Key is the taint key that the toleration applies to. Empty means match all taint keys. - /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub key: Option, - /// Operator represents a key's relationship to the value. - /// Valid operators are Exists and Equal. Defaults to Equal. - /// Exists is equivalent to wildcard for value, so that a pod can - /// tolerate all taints of a particular category. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub operator: Option, - /// TolerationSeconds represents the period of time the toleration (which must be - /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, - /// it is not set, which means tolerate the taint forever (do not evict). Zero and - /// negative values will be treated as 0 (evict immediately) by the system. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] - pub toleration_seconds: Option, - /// Value is the taint value the toleration matches to. - /// If the operator is Exists, the value should be empty, otherwise just a regular string. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, -} - -/// TopologySpreadConstraint specifies how to spread matching pods among the given topology. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecTopologySpreadConstraints { - /// LabelSelector is used to find matching pods. - /// Pods that match this label selector are counted to determine the number of pods - /// in their corresponding topology domain. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] - pub label_selector: Option, - /// MatchLabelKeys is a set of pod label keys to select the pods over which - /// spreading will be calculated. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are ANDed with labelSelector - /// to select the group of existing pods over which spreading will be calculated - /// for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// MatchLabelKeys cannot be set when LabelSelector isn't set. - /// Keys that don't exist in the incoming pod labels will - /// be ignored. A null or empty list means only match against labelSelector. - /// - /// - /// This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] - pub match_label_keys: Option>, - /// MaxSkew describes the degree to which pods may be unevenly distributed. - /// When `whenUnsatisfiable=DoNotSchedule`, it is the maximum permitted difference - /// between the number of matching pods in the target topology and the global minimum. - /// The global minimum is the minimum number of matching pods in an eligible domain - /// or zero if the number of eligible domains is less than MinDomains. - /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - /// labelSelector spread as 2/2/1: - /// In this case, the global minimum is 1. - /// | zone1 | zone2 | zone3 | - /// | P P | P P | P | - /// - if MaxSkew is 1, incoming pod can only be scheduled to zone3 to become 2/2/2; - /// scheduling it onto zone1(zone2) would make the ActualSkew(3-1) on zone1(zone2) - /// violate MaxSkew(1). - /// - if MaxSkew is 2, incoming pod can be scheduled onto any zone. - /// When `whenUnsatisfiable=ScheduleAnyway`, it is used to give higher precedence - /// to topologies that satisfy it. - /// It's a required field. Default value is 1 and 0 is not allowed. - #[serde(rename = "maxSkew")] - pub max_skew: i32, - /// MinDomains indicates a minimum number of eligible domains. - /// When the number of eligible domains with matching topology keys is less than minDomains, - /// Pod Topology Spread treats "global minimum" as 0, and then the calculation of Skew is performed. - /// And when the number of eligible domains with matching topology keys equals or greater than minDomains, - /// this value has no effect on scheduling. - /// As a result, when the number of eligible domains is less than minDomains, - /// scheduler won't schedule more than maxSkew Pods to those domains. - /// If value is nil, the constraint behaves as if MinDomains is equal to 1. - /// Valid values are integers greater than 0. - /// When value is not nil, WhenUnsatisfiable must be DoNotSchedule. - /// - /// - /// For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same - /// labelSelector spread as 2/2/2: - /// | zone1 | zone2 | zone3 | - /// | P P | P P | P P | - /// The number of domains is less than 5(MinDomains), so "global minimum" is treated as 0. - /// In this situation, new pod with the same labelSelector cannot be scheduled, - /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, - /// it will violate MaxSkew. - /// - /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] - pub min_domains: Option, - /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector - /// when calculating pod topology spread skew. Options are: - /// - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - /// - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. - /// - /// - /// If this value is nil, the behavior is equivalent to the Honor policy. - /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinityPolicy")] - pub node_affinity_policy: Option, - /// NodeTaintsPolicy indicates how we will treat node taints when calculating - /// pod topology spread skew. Options are: - /// - Honor: nodes without taints, along with tainted nodes for which the incoming pod - /// has a toleration, are included. - /// - Ignore: node taints are ignored. All nodes are included. - /// - /// - /// If this value is nil, the behavior is equivalent to the Ignore policy. - /// This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeTaintsPolicy")] - pub node_taints_policy: Option, - /// TopologyKey is the key of node labels. Nodes that have a label with this key - /// and identical values are considered to be in the same topology. - /// We consider each as a "bucket", and try to put balanced number - /// of pods into each bucket. - /// We define a domain as a particular instance of a topology. - /// Also, we define an eligible domain as a domain whose nodes meet the requirements of - /// nodeAffinityPolicy and nodeTaintsPolicy. - /// e.g. If TopologyKey is "kubernetes.io/hostname", each Node is a domain of that topology. - /// And, if TopologyKey is "topology.kubernetes.io/zone", each zone is a domain of that topology. - /// It's a required field. - #[serde(rename = "topologyKey")] - pub topology_key: String, - /// WhenUnsatisfiable indicates how to deal with a pod if it doesn't satisfy - /// the spread constraint. - /// - DoNotSchedule (default) tells the scheduler not to schedule it. - /// - ScheduleAnyway tells the scheduler to schedule the pod in any location, - /// but giving higher precedence to topologies that would help reduce the - /// skew. - /// A constraint is considered "Unsatisfiable" for an incoming pod - /// if and only if every possible node assignment for that pod would violate - /// "MaxSkew" on some topology. - /// For example, in a 3-zone cluster, MaxSkew is set to 1, and pods with the same - /// labelSelector spread as 3/1/1: - /// | zone1 | zone2 | zone3 | - /// | P P P | P | P | - /// If WhenUnsatisfiable is set to DoNotSchedule, incoming pod can only be scheduled - /// to zone2(zone3) to become 3/2/1(3/1/2) as ActualSkew(2-1) on zone2(zone3) satisfies - /// MaxSkew(1). In other words, the cluster can still be imbalanced, but scheduler - /// won't make it *more* imbalanced. - /// It's a required field. - #[serde(rename = "whenUnsatisfiable")] - pub when_unsatisfiable: String, -} - -/// LabelSelector is used to find matching pods. -/// Pods that match this label selector are counted to determine the number of pods -/// in their corresponding topology domain. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecTopologySpreadConstraintsLabelSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecTopologySpreadConstraintsLabelSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// Volume represents a named volume in a pod that may be accessed by any container in the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumes { - /// awsElasticBlockStore represents an AWS Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "awsElasticBlockStore")] - pub aws_elastic_block_store: Option, - /// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureDisk")] - pub azure_disk: Option, - /// azureFile represents an Azure File Service mount on the host and bind mount to the pod. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "azureFile")] - pub azure_file: Option, - /// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cephfs: Option, - /// cinder represents a cinder volume attached and mounted on kubelets host machine. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub cinder: Option, - /// configMap represents a configMap that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub csi: Option, - /// downwardAPI represents downward API about the pod that should populate this volume - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// emptyDir represents a temporary directory that shares a pod's lifetime. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "emptyDir")] - pub empty_dir: Option, - /// ephemeral represents a volume that is handled by a cluster storage driver. - /// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, - /// and deleted when the pod is removed. - /// - /// - /// Use this if: - /// a) the volume is only needed while the pod runs, - /// b) features of normal volumes like restoring from snapshot or capacity - /// tracking are needed, - /// c) the storage driver is specified through a storage class, and - /// d) the storage driver supports dynamic volume provisioning through - /// a PersistentVolumeClaim (see EphemeralVolumeSource for more - /// information on the connection between this volume type - /// and PersistentVolumeClaim). - /// - /// - /// Use PersistentVolumeClaim or one of the vendor-specific - /// APIs for volumes that persist for longer than the lifecycle - /// of an individual pod. - /// - /// - /// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to - /// be used that way - see the documentation of the driver for - /// more information. - /// - /// - /// A pod can use both types of ephemeral volumes and - /// persistent volumes at the same time. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ephemeral: Option, - /// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub fc: Option, - /// flexVolume represents a generic volume resource that is - /// provisioned/attached using an exec based plugin. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "flexVolume")] - pub flex_volume: Option, - /// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running - #[serde(default, skip_serializing_if = "Option::is_none")] - pub flocker: Option, - /// gcePersistentDisk represents a GCE Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gcePersistentDisk")] - pub gce_persistent_disk: Option, - /// gitRepo represents a git repository at a particular revision. - /// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an - /// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir - /// into the Pod's container. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "gitRepo")] - pub git_repo: Option, - /// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub glusterfs: Option, - /// hostPath represents a pre-existing file or directory on the host - /// machine that is directly exposed to the container. This is generally - /// used for system agents or other privileged things that are allowed - /// to see the host machine. Most containers will NOT need this. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - /// --- - /// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not - /// mount host directories as read/write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostPath")] - pub host_path: Option, - /// iscsi represents an ISCSI Disk resource that is attached to a - /// kubelet's host machine and then exposed to the pod. - /// More info: https://examples.k8s.io/volumes/iscsi/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub iscsi: Option, - /// name of the volume. - /// Must be a DNS_LABEL and unique within the pod. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - pub name: String, - /// nfs represents an NFS mount on the host that shares a pod's lifetime - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none")] - pub nfs: Option, - /// persistentVolumeClaimVolumeSource represents a reference to a - /// PersistentVolumeClaim in the same namespace. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(default, skip_serializing_if = "Option::is_none", rename = "persistentVolumeClaim")] - pub persistent_volume_claim: Option, - /// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "photonPersistentDisk")] - pub photon_persistent_disk: Option, - /// portworxVolume represents a portworx volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "portworxVolume")] - pub portworx_volume: Option, - /// projected items for all in one resources secrets, configmaps, and downward API - #[serde(default, skip_serializing_if = "Option::is_none")] - pub projected: Option, - /// quobyte represents a Quobyte mount on the host that shares a pod's lifetime - #[serde(default, skip_serializing_if = "Option::is_none")] - pub quobyte: Option, - /// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. - /// More info: https://examples.k8s.io/volumes/rbd/README.md - #[serde(default, skip_serializing_if = "Option::is_none")] - pub rbd: Option, - /// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scaleIO")] - pub scale_io: Option, - /// secret represents a secret that should populate this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub storageos: Option, - /// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "vsphereVolume")] - pub vsphere_volume: Option, -} - -/// awsElasticBlockStore represents an AWS Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesAwsElasticBlockStore { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// readOnly value true will force the readOnly setting in VolumeMounts. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID is unique ID of the persistent disk resource in AWS (Amazon EBS volume). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// azureDisk represents an Azure Data Disk mount on the host and bind mount to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesAzureDisk { - /// cachingMode is the Host Caching mode: None, Read Only, Read Write. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "cachingMode")] - pub caching_mode: Option, - /// diskName is the Name of the data disk in the blob storage - #[serde(rename = "diskName")] - pub disk_name: String, - /// diskURI is the URI of data disk in the blob storage - #[serde(rename = "diskURI")] - pub disk_uri: String, - /// fsType is Filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// kind expected values are Shared: multiple blob disks per storage account Dedicated: single blob disk per storage account Managed: azure managed data disk (only in managed availability set). defaults to shared - #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// azureFile represents an Azure File Service mount on the host and bind mount to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesAzureFile { - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretName is the name of secret that contains Azure Storage Account Name and Key - #[serde(rename = "secretName")] - pub secret_name: String, - /// shareName is the azure share Name - #[serde(rename = "shareName")] - pub share_name: String, -} - -/// cephFS represents a Ceph FS mount on the host that shares a pod's lifetime -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesCephfs { - /// monitors is Required: Monitors is a collection of Ceph monitors - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - pub monitors: Vec, - /// path is Optional: Used as the mounted root, rather than the full Ceph tree, default is / - #[serde(default, skip_serializing_if = "Option::is_none")] - pub path: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretFile is Optional: SecretFile is the path to key ring for User, default is /etc/ceph/user.secret - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretFile")] - pub secret_file: Option, - /// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is optional: User is the rados user name, default is admin - /// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. -/// More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesCephfsSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// cinder represents a cinder volume attached and mounted on kubelets host machine. -/// More info: https://examples.k8s.io/mysql-cinder-pd/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesCinder { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is optional: points to a secret object containing parameters used to connect - /// to OpenStack. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeID used to identify the volume in cinder. - /// More info: https://examples.k8s.io/mysql-cinder-pd/README.md - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// secretRef is optional: points to a secret object containing parameters used to connect -/// to OpenStack. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesCinderSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// configMap represents a configMap that should populate this volume -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesConfigMap { - /// defaultMode is optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesConfigMapItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// csi (Container Storage Interface) represents ephemeral storage that is handled by certain external CSI drivers (Beta feature). -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesCsi { - /// driver is the name of the CSI driver that handles this volume. - /// Consult with your admin for the correct name as registered in the cluster. - pub driver: String, - /// fsType to mount. Ex. "ext4", "xfs", "ntfs". - /// If not provided, the empty value is passed to the associated CSI driver - /// which will determine the default filesystem to apply. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// nodePublishSecretRef is a reference to the secret object containing - /// sensitive information to pass to the CSI driver to complete the CSI - /// NodePublishVolume and NodeUnpublishVolume calls. - /// This field is optional, and may be empty if no secret is required. If the - /// secret object contains more than one secret, all secret references are passed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodePublishSecretRef")] - pub node_publish_secret_ref: Option, - /// readOnly specifies a read-only configuration for the volume. - /// Defaults to false (read/write). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeAttributes stores driver-specific properties that are passed to the CSI - /// driver. Consult your driver's documentation for supported values. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributes")] - pub volume_attributes: Option>, -} - -/// nodePublishSecretRef is a reference to the secret object containing -/// sensitive information to pass to the CSI driver to complete the CSI -/// NodePublishVolume and NodeUnpublishVolume calls. -/// This field is optional, and may be empty if no secret is required. If the -/// secret object contains more than one secret, all secret references are passed. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesCsiNodePublishSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// downwardAPI represents downward API about the pod that should populate this volume -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesDownwardApi { - /// Optional: mode bits to use on created files by default. Must be a - /// Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// Items is a list of downward API volume file - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, -} - -/// DownwardAPIVolumeFile represents information to create the file containing the pod field -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, -} - -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// emptyDir represents a temporary directory that shares a pod's lifetime. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesEmptyDir { - /// medium represents what type of storage medium should back this directory. - /// The default is "" which means to use the node's default medium. - /// Must be an empty string (default) or Memory. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none")] - pub medium: Option, - /// sizeLimit is the total amount of local storage required for this EmptyDir volume. - /// The size limit is also applicable for memory medium. - /// The maximum usage on memory medium EmptyDir would be the minimum value between - /// the SizeLimit specified here and the sum of memory limits of all containers in a pod. - /// The default is nil which means that the limit is undefined. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#emptydir - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sizeLimit")] - pub size_limit: Option, -} - -/// ephemeral represents a volume that is handled by a cluster storage driver. -/// The volume's lifecycle is tied to the pod that defines it - it will be created before the pod starts, -/// and deleted when the pod is removed. -/// -/// -/// Use this if: -/// a) the volume is only needed while the pod runs, -/// b) features of normal volumes like restoring from snapshot or capacity -/// tracking are needed, -/// c) the storage driver is specified through a storage class, and -/// d) the storage driver supports dynamic volume provisioning through -/// a PersistentVolumeClaim (see EphemeralVolumeSource for more -/// information on the connection between this volume type -/// and PersistentVolumeClaim). -/// -/// -/// Use PersistentVolumeClaim or one of the vendor-specific -/// APIs for volumes that persist for longer than the lifecycle -/// of an individual pod. -/// -/// -/// Use CSI for light-weight local ephemeral volumes if the CSI driver is meant to -/// be used that way - see the documentation of the driver for -/// more information. -/// -/// -/// A pod can use both types of ephemeral volumes and -/// persistent volumes at the same time. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesEphemeral { - /// Will be used to create a stand-alone PVC to provision the volume. - /// The pod in which this EphemeralVolumeSource is embedded will be the - /// owner of the PVC, i.e. the PVC will be deleted together with the - /// pod. The name of the PVC will be `-` where - /// `` is the name from the `PodSpec.Volumes` array - /// entry. Pod validation will reject the pod if the concatenated name - /// is not valid for a PVC (for example, too long). - /// - /// - /// An existing PVC with that name that is not owned by the pod - /// will *not* be used for the pod to avoid using an unrelated - /// volume by mistake. Starting the pod is then blocked until - /// the unrelated PVC is removed. If such a pre-created PVC is - /// meant to be used by the pod, the PVC has to updated with an - /// owner reference to the pod once the pod exists. Normally - /// this should not be necessary, but it may be useful when - /// manually reconstructing a broken cluster. - /// - /// - /// This field is read-only and no changes will be made by Kubernetes - /// to the PVC after it has been created. - /// - /// - /// Required, must not be nil. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeClaimTemplate")] - pub volume_claim_template: Option, -} - -/// Will be used to create a stand-alone PVC to provision the volume. -/// The pod in which this EphemeralVolumeSource is embedded will be the -/// owner of the PVC, i.e. the PVC will be deleted together with the -/// pod. The name of the PVC will be `-` where -/// `` is the name from the `PodSpec.Volumes` array -/// entry. Pod validation will reject the pod if the concatenated name -/// is not valid for a PVC (for example, too long). -/// -/// -/// An existing PVC with that name that is not owned by the pod -/// will *not* be used for the pod to avoid using an unrelated -/// volume by mistake. Starting the pod is then blocked until -/// the unrelated PVC is removed. If such a pre-created PVC is -/// meant to be used by the pod, the PVC has to updated with an -/// owner reference to the pod once the pod exists. Normally -/// this should not be necessary, but it may be useful when -/// manually reconstructing a broken cluster. -/// -/// -/// This field is read-only and no changes will be made by Kubernetes -/// to the PVC after it has been created. -/// -/// -/// Required, must not be nil. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesEphemeralVolumeClaimTemplate { - /// May contain labels and annotations that will be copied into the PVC - /// when creating it. No other fields are allowed and will be rejected during - /// validation. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub metadata: Option, - /// The specification for the PersistentVolumeClaim. The entire content is - /// copied unchanged into the PVC that gets created from this - /// template. The same fields as in a PersistentVolumeClaim - /// are also valid here. - pub spec: ClusterDefinitionComponentDefsPodSpecVolumesEphemeralVolumeClaimTemplateSpec, -} - -/// May contain labels and annotations that will be copied into the PVC -/// when creating it. No other fields are allowed and will be rejected during -/// validation. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesEphemeralVolumeClaimTemplateMetadata { - #[serde(default, skip_serializing_if = "Option::is_none")] - pub annotations: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub finalizers: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub labels: Option>, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// The specification for the PersistentVolumeClaim. The entire content is -/// copied unchanged into the PVC that gets created from this -/// template. The same fields as in a PersistentVolumeClaim -/// are also valid here. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesEphemeralVolumeClaimTemplateSpec { - /// accessModes contains the desired access modes the volume should have. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#access-modes-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessModes")] - pub access_modes: Option>, - /// dataSource field can be used to specify either: - /// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) - /// * An existing PVC (PersistentVolumeClaim) - /// If the provisioner or an external controller can support the specified data source, - /// it will create a new volume based on the contents of the specified data source. - /// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, - /// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. - /// If the namespace is specified, then dataSourceRef will not be copied to dataSource. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSource")] - pub data_source: Option, - /// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty - /// volume is desired. This may be any object from a non-empty API group (non - /// core object) or a PersistentVolumeClaim object. - /// When this field is specified, volume binding will only succeed if the type of - /// the specified object matches some installed volume populator or dynamic - /// provisioner. - /// This field will replace the functionality of the dataSource field and as such - /// if both fields are non-empty, they must have the same value. For backwards - /// compatibility, when namespace isn't specified in dataSourceRef, - /// both fields (dataSource and dataSourceRef) will be set to the same - /// value automatically if one of them is empty and the other is non-empty. - /// When namespace is specified in dataSourceRef, - /// dataSource isn't set to the same value and must be empty. - /// There are three important differences between dataSource and dataSourceRef: - /// * While dataSource only allows two specific types of objects, dataSourceRef - /// allows any non-core object, as well as PersistentVolumeClaim objects. - /// * While dataSource ignores disallowed values (dropping them), dataSourceRef - /// preserves all values, and generates an error if a disallowed value is - /// specified. - /// * While dataSource only allows local objects, dataSourceRef allows objects - /// in any namespaces. - /// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. - /// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataSourceRef")] - pub data_source_ref: Option, - /// resources represents the minimum resources the volume should have. - /// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements - /// that are lower than previous value but must still be higher than capacity recorded in the - /// status field of the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources - #[serde(default, skip_serializing_if = "Option::is_none")] - pub resources: Option, - /// selector is a label query over volumes to consider for binding. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub selector: Option, - /// storageClassName is the name of the StorageClass required by the claim. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] - pub storage_class_name: Option, - /// volumeMode defines what type of volume is required by the claim. - /// Value of Filesystem is implied when not included in claim spec. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] - pub volume_mode: Option, - /// volumeName is the binding reference to the PersistentVolume backing this claim. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// dataSource field can be used to specify either: -/// * An existing VolumeSnapshot object (snapshot.storage.k8s.io/VolumeSnapshot) -/// * An existing PVC (PersistentVolumeClaim) -/// If the provisioner or an external controller can support the specified data source, -/// it will create a new volume based on the contents of the specified data source. -/// When the AnyVolumeDataSource feature gate is enabled, dataSource contents will be copied to dataSourceRef, -/// and dataSourceRef contents will be copied to dataSource when dataSourceRef.namespace is not specified. -/// If the namespace is specified, then dataSourceRef will not be copied to dataSource. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesEphemeralVolumeClaimTemplateSpecDataSource { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, -} - -/// dataSourceRef specifies the object from which to populate the volume with data, if a non-empty -/// volume is desired. This may be any object from a non-empty API group (non -/// core object) or a PersistentVolumeClaim object. -/// When this field is specified, volume binding will only succeed if the type of -/// the specified object matches some installed volume populator or dynamic -/// provisioner. -/// This field will replace the functionality of the dataSource field and as such -/// if both fields are non-empty, they must have the same value. For backwards -/// compatibility, when namespace isn't specified in dataSourceRef, -/// both fields (dataSource and dataSourceRef) will be set to the same -/// value automatically if one of them is empty and the other is non-empty. -/// When namespace is specified in dataSourceRef, -/// dataSource isn't set to the same value and must be empty. -/// There are three important differences between dataSource and dataSourceRef: -/// * While dataSource only allows two specific types of objects, dataSourceRef -/// allows any non-core object, as well as PersistentVolumeClaim objects. -/// * While dataSource ignores disallowed values (dropping them), dataSourceRef -/// preserves all values, and generates an error if a disallowed value is -/// specified. -/// * While dataSource only allows local objects, dataSourceRef allows objects -/// in any namespaces. -/// (Beta) Using this field requires the AnyVolumeDataSource feature gate to be enabled. -/// (Alpha) Using the namespace field of dataSourceRef requires the CrossNamespaceVolumeDataSource feature gate to be enabled. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { - /// APIGroup is the group for the resource being referenced. - /// If APIGroup is not specified, the specified Kind must be in the core API group. - /// For any other third-party types, APIGroup is required. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiGroup")] - pub api_group: Option, - /// Kind is the type of resource being referenced - pub kind: String, - /// Name is the name of resource being referenced - pub name: String, - /// Namespace is the namespace of resource being referenced - /// Note that when a namespace is specified, a gateway.networking.k8s.io/ReferenceGrant object is required in the referent namespace to allow that namespace's owner to accept the reference. See the ReferenceGrant documentation for details. - /// (Alpha) This field requires the CrossNamespaceVolumeDataSource feature gate to be enabled. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, -} - -/// resources represents the minimum resources the volume should have. -/// If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements -/// that are lower than previous value but must still be higher than capacity recorded in the -/// status field of the claim. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, - /// Limits describes the maximum amount of compute resources allowed. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub limits: Option>, - /// Requests describes the minimum amount of compute resources required. - /// If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, - /// otherwise to an implementation-defined value. Requests cannot exceed Limits. - /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ - #[serde(default, skip_serializing_if = "Option::is_none")] - pub requests: Option>, -} - -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - -/// selector is a label query over volumes to consider for binding. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesEphemeralVolumeClaimTemplateSpecSelector { - /// matchExpressions is a list of label selector requirements. The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] - pub match_expressions: Option>, - /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels - /// map is equivalent to an element of matchExpressions, whose key field is "key", the - /// operator is "In", and the values array contains only "value". The requirements are ANDed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] - pub match_labels: Option>, -} - -/// A label selector requirement is a selector that contains values, a key, and an operator that -/// relates the key and values. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesEphemeralVolumeClaimTemplateSpecSelectorMatchExpressions { - /// key is the label key that the selector applies to. - pub key: String, - /// operator represents a key's relationship to a set of values. - /// Valid operators are In, NotIn, Exists and DoesNotExist. - pub operator: String, - /// values is an array of string values. If the operator is In or NotIn, - /// the values array must be non-empty. If the operator is Exists or DoesNotExist, - /// the values array must be empty. This array is replaced during a strategic - /// merge patch. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub values: Option>, -} - -/// fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesFc { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// lun is Optional: FC target lun number - #[serde(default, skip_serializing_if = "Option::is_none")] - pub lun: Option, - /// readOnly is Optional: Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// targetWWNs is Optional: FC target worldwide names (WWNs) - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetWWNs")] - pub target_ww_ns: Option>, - /// wwids Optional: FC volume world wide identifiers (wwids) - /// Either wwids or combination of targetWWNs and lun must be set, but not both simultaneously. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub wwids: Option>, -} - -/// flexVolume represents a generic volume resource that is -/// provisioned/attached using an exec based plugin. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesFlexVolume { - /// driver is the name of the driver to use for this volume. - pub driver: String, - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". The default filesystem depends on FlexVolume script. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// options is Optional: this field holds extra command options if any. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub options: Option>, - /// readOnly is Optional: defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is Optional: secretRef is reference to the secret object containing - /// sensitive information to pass to the plugin scripts. This may be - /// empty if no secret object is specified. If the secret object - /// contains more than one secret, all secrets are passed to the plugin - /// scripts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, -} - -/// secretRef is Optional: secretRef is reference to the secret object containing -/// sensitive information to pass to the plugin scripts. This may be -/// empty if no secret object is specified. If the secret object -/// contains more than one secret, all secrets are passed to the plugin -/// scripts. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesFlexVolumeSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// flocker represents a Flocker volume attached to a kubelet's host machine. This depends on the Flocker control service being running -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesFlocker { - /// datasetName is Name of the dataset stored as metadata -> name on the dataset for Flocker - /// should be considered as deprecated - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetName")] - pub dataset_name: Option, - /// datasetUUID is the UUID of the dataset. This is unique identifier of a Flocker dataset - #[serde(default, skip_serializing_if = "Option::is_none", rename = "datasetUUID")] - pub dataset_uuid: Option, -} - -/// gcePersistentDisk represents a GCE Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesGcePersistentDisk { - /// fsType is filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// partition is the partition in the volume that you want to mount. - /// If omitted, the default is to mount by volume name. - /// Examples: For volume /dev/sda1, you specify the partition as "1". - /// Similarly, the volume partition for /dev/sda is "0" (or you can leave the property empty). - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, - /// pdName is unique name of the PD resource in GCE. Used to identify the disk in GCE. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(rename = "pdName")] - pub pd_name: String, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// gitRepo represents a git repository at a particular revision. -/// DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an -/// EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir -/// into the Pod's container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesGitRepo { - /// directory is the target directory name. - /// Must not contain or start with '..'. If '.' is supplied, the volume directory will be the - /// git repository. Otherwise, if specified, the volume will contain the git repository in - /// the subdirectory with the given name. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub directory: Option, - /// repository is the URL - pub repository: String, - /// revision is the commit hash for the specified revision. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub revision: Option, -} - -/// glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/glusterfs/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesGlusterfs { - /// endpoints is the endpoint name that details Glusterfs topology. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub endpoints: String, - /// path is the Glusterfs volume path. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - pub path: String, - /// readOnly here will force the Glusterfs volume to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/glusterfs/README.md#create-a-pod - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// hostPath represents a pre-existing file or directory on the host -/// machine that is directly exposed to the container. This is generally -/// used for system agents or other privileged things that are allowed -/// to see the host machine. Most containers will NOT need this. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath -/// --- -/// TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not -/// mount host directories as read/write. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesHostPath { - /// path of the directory on the host. - /// If the path is a symlink, it will follow the link to the real path. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - pub path: String, - /// type for HostPath Volume - /// Defaults to "" - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// iscsi represents an ISCSI Disk resource that is attached to a -/// kubelet's host machine and then exposed to the pod. -/// More info: https://examples.k8s.io/volumes/iscsi/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesIscsi { - /// chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthDiscovery")] - pub chap_auth_discovery: Option, - /// chapAuthSession defines whether support iSCSI Session CHAP authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "chapAuthSession")] - pub chap_auth_session: Option, - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// initiatorName is the custom iSCSI Initiator Name. - /// If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface - /// : will be created for the connection. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatorName")] - pub initiator_name: Option, - /// iqn is the target iSCSI Qualified Name. - pub iqn: String, - /// iscsiInterface is the interface Name that uses an iSCSI transport. - /// Defaults to 'default' (tcp). - #[serde(default, skip_serializing_if = "Option::is_none", rename = "iscsiInterface")] - pub iscsi_interface: Option, - /// lun represents iSCSI Target Lun number. - pub lun: i32, - /// portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). - #[serde(default, skip_serializing_if = "Option::is_none")] - pub portals: Option>, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is the CHAP Secret for iSCSI target and initiator authentication - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// targetPortal is iSCSI Target Portal. The Portal is either an IP or ip_addr:port if the port - /// is other than default (typically TCP ports 860 and 3260). - #[serde(rename = "targetPortal")] - pub target_portal: String, -} - -/// secretRef is the CHAP Secret for iSCSI target and initiator authentication -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesIscsiSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// nfs represents an NFS mount on the host that shares a pod's lifetime -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesNfs { - /// path that is exported by the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub path: String, - /// readOnly here will force the NFS export to be mounted with read-only permissions. - /// Defaults to false. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// server is the hostname or IP address of the NFS server. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs - pub server: String, -} - -/// persistentVolumeClaimVolumeSource represents a reference to a -/// PersistentVolumeClaim in the same namespace. -/// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesPersistentVolumeClaim { - /// claimName is the name of a PersistentVolumeClaim in the same namespace as the pod using this volume. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims - #[serde(rename = "claimName")] - pub claim_name: String, - /// readOnly Will force the ReadOnly setting in VolumeMounts. - /// Default false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, -} - -/// photonPersistentDisk represents a PhotonController persistent disk attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesPhotonPersistentDisk { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// pdID is the ID that identifies Photon Controller persistent disk - #[serde(rename = "pdID")] - pub pd_id: String, -} - -/// portworxVolume represents a portworx volume attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesPortworxVolume { - /// fSType represents the filesystem type to mount - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// volumeID uniquely identifies a Portworx volume - #[serde(rename = "volumeID")] - pub volume_id: String, -} - -/// projected items for all in one resources secrets, configmaps, and downward API -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesProjected { - /// defaultMode are the mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// sources is the list of volume projections - #[serde(default, skip_serializing_if = "Option::is_none")] - pub sources: Option>, -} - -/// Projection that may be projected along with other supported volume types -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesProjectedSources { - /// configMap information about the configMap data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, - /// downwardAPI information about the downwardAPI data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "downwardAPI")] - pub downward_api: Option, - /// secret information about the secret data to project - #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, - /// serviceAccountToken is information about the serviceAccountToken data to project - #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountToken")] - pub service_account_token: Option, -} - -/// configMap information about the configMap data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesProjectedSourcesConfigMap { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// ConfigMap will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the ConfigMap, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional specify whether the ConfigMap or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesProjectedSourcesConfigMapItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// downwardAPI information about the downwardAPI data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesProjectedSourcesDownwardApi { - /// Items is a list of DownwardAPIVolume file - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, -} - -/// DownwardAPIVolumeFile represents information to create the file containing the pod field -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Optional: mode bits used to set permissions on this file, must be an octal value - /// between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// Required: Path is the relative path name of the file to be created. Must not be absolute or contain the '..' path. Must be utf-8 encoded. The first item of the relative path must not start with '..' - pub path: String, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, -} - -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesProjectedSourcesDownwardApiItemsFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesProjectedSourcesDownwardApiItemsResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// secret information about the secret data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesProjectedSourcesSecret { - /// items if unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// optional field specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesProjectedSourcesSecretItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// serviceAccountToken is information about the serviceAccountToken data to project -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesProjectedSourcesServiceAccountToken { - /// audience is the intended audience of the token. A recipient of a token - /// must identify itself with an identifier specified in the audience of the - /// token, and otherwise should reject the token. The audience defaults to the - /// identifier of the apiserver. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub audience: Option, - /// expirationSeconds is the requested duration of validity of the service - /// account token. As the token approaches expiration, the kubelet volume - /// plugin will proactively rotate the service account token. The kubelet will - /// start trying to rotate the token if the token is older than 80 percent of - /// its time to live or if the token is older than 24 hours.Defaults to 1 hour - /// and must be at least 10 minutes. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "expirationSeconds")] - pub expiration_seconds: Option, - /// path is the path relative to the mount point of the file to project the - /// token into. - pub path: String, -} - -/// quobyte represents a Quobyte mount on the host that shares a pod's lifetime -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesQuobyte { - /// group to map volume access to - /// Default is no group - #[serde(default, skip_serializing_if = "Option::is_none")] - pub group: Option, - /// readOnly here will force the Quobyte volume to be mounted with read-only permissions. - /// Defaults to false. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// registry represents a single or multiple Quobyte Registry services - /// specified as a string as host:port pair (multiple entries are separated with commas) - /// which acts as the central registry for volumes - pub registry: String, - /// tenant owning the given Quobyte volume in the Backend - /// Used with dynamically provisioned Quobyte volumes, value is set by the plugin - #[serde(default, skip_serializing_if = "Option::is_none")] - pub tenant: Option, - /// user to map volume access to - /// Defaults to serivceaccount user - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, - /// volume is a string that references an already created Quobyte volume by name. - pub volume: String, -} - -/// rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. -/// More info: https://examples.k8s.io/volumes/rbd/README.md -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesRbd { - /// fsType is the filesystem type of the volume that you want to mount. - /// Tip: Ensure that the filesystem type is supported by the host operating system. - /// Examples: "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd - /// TODO: how do we prevent errors in the filesystem from compromising the machine - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// image is the rados image name. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub image: String, - /// keyring is the path to key ring for RBDUser. - /// Default is /etc/ceph/keyring. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub keyring: Option, - /// monitors is a collection of Ceph monitors. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - pub monitors: Vec, - /// pool is the rados pool name. - /// Default is rbd. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub pool: Option, - /// readOnly here will force the ReadOnly setting in VolumeMounts. - /// Defaults to false. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef is name of the authentication secret for RBDUser. If provided - /// overrides keyring. - /// Default is nil. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// user is the rados user name. - /// Default is admin. - /// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it - #[serde(default, skip_serializing_if = "Option::is_none")] - pub user: Option, -} - -/// secretRef is name of the authentication secret for RBDUser. If provided -/// overrides keyring. -/// Default is nil. -/// More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesRbdSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// scaleIO represents a ScaleIO persistent volume attached and mounted on Kubernetes nodes. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesScaleIo { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". - /// Default is "xfs". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// gateway is the host address of the ScaleIO API Gateway. - pub gateway: String, - /// protectionDomain is the name of the ScaleIO Protection Domain for the configured storage. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "protectionDomain")] - pub protection_domain: Option, - /// readOnly Defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef references to the secret for ScaleIO user and other - /// sensitive information. If this is not provided, Login operation will fail. - #[serde(rename = "secretRef")] - pub secret_ref: ClusterDefinitionComponentDefsPodSpecVolumesScaleIoSecretRef, - /// sslEnabled Flag enable/disable SSL communication with Gateway, default false - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sslEnabled")] - pub ssl_enabled: Option, - /// storageMode indicates whether the storage for a volume should be ThickProvisioned or ThinProvisioned. - /// Default is ThinProvisioned. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageMode")] - pub storage_mode: Option, - /// storagePool is the ScaleIO Storage Pool associated with the protection domain. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePool")] - pub storage_pool: Option, - /// system is the name of the storage system as configured in ScaleIO. - pub system: String, - /// volumeName is the name of a volume already created in the ScaleIO system - /// that is associated with this volume source. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, -} - -/// secretRef references to the secret for ScaleIO user and other -/// sensitive information. If this is not provided, Login operation will fail. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesScaleIoSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// secret represents a secret that should populate this volume. -/// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesSecret { - /// defaultMode is Optional: mode bits used to set permissions on created files by default. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values - /// for mode bits. Defaults to 0644. - /// Directories within the path are not affected by this setting. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// items If unspecified, each key-value pair in the Data field of the referenced - /// Secret will be projected into the volume as a file whose name is the - /// key and content is the value. If specified, the listed keys will be - /// projected into the specified paths, and unlisted keys will not be - /// present. If a key is specified which is not present in the Secret, - /// the volume setup will error unless it is marked optional. Paths must be - /// relative and may not contain the '..' path or start with '..'. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub items: Option>, - /// optional field specify whether the Secret or its keys must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// secretName is the name of the secret in the pod's namespace to use. - /// More info: https://kubernetes.io/docs/concepts/storage/volumes#secret - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretName")] - pub secret_name: Option, -} - -/// Maps a string key to a path within a volume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesSecretItems { - /// key is the key to project. - pub key: String, - /// mode is Optional: mode bits used to set permissions on this file. - /// Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. - /// YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. - /// If not specified, the volume defaultMode will be used. - /// This might be in conflict with other options that affect the file - /// mode, like fsGroup, and the result can be other mode bits set. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub mode: Option, - /// path is the relative path of the file to map the key to. - /// May not be an absolute path. - /// May not contain the path element '..'. - /// May not start with the string '..'. - pub path: String, -} - -/// storageOS represents a StorageOS volume attached and mounted on Kubernetes nodes. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesStorageos { - /// fsType is the filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// readOnly defaults to false (read/write). ReadOnly here will force - /// the ReadOnly setting in VolumeMounts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] - pub read_only: Option, - /// secretRef specifies the secret to use for obtaining the StorageOS API - /// credentials. If not specified, default values will be attempted. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// volumeName is the human-readable name of the StorageOS volume. Volume - /// names are only unique within a namespace. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeName")] - pub volume_name: Option, - /// volumeNamespace specifies the scope of the volume within StorageOS. If no - /// namespace is specified then the Pod's namespace will be used. This allows the - /// Kubernetes name scoping to be mirrored within StorageOS for tighter integration. - /// Set VolumeName to any name to override the default behaviour. - /// Set to "default" if you are not using namespaces within StorageOS. - /// Namespaces that do not pre-exist within StorageOS will be created. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeNamespace")] - pub volume_namespace: Option, -} - -/// secretRef specifies the secret to use for obtaining the StorageOS API -/// credentials. If not specified, default values will be attempted. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesStorageosSecretRef { - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// vsphereVolume represents a vSphere volume attached and mounted on kubelets host machine -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPodSpecVolumesVsphereVolume { - /// fsType is filesystem type to mount. - /// Must be a filesystem type supported by the host operating system. - /// Ex. "ext4", "xfs", "ntfs". Implicitly inferred to be "ext4" if unspecified. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsType")] - pub fs_type: Option, - /// storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyID")] - pub storage_policy_id: Option, - /// storagePolicyName is the storage Policy Based Management (SPBM) profile name. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "storagePolicyName")] - pub storage_policy_name: Option, - /// volumePath is the path that identifies vSphere volume vmdk - #[serde(rename = "volumePath")] - pub volume_path: String, -} - -/// Defines the command to be executed when the component is ready, and the command will only be executed once after -/// the component becomes ready. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPostStartSpec { - /// Specifies the post-start command to be executed. - #[serde(rename = "cmdExecutorConfig")] - pub cmd_executor_config: ClusterDefinitionComponentDefsPostStartSpecCmdExecutorConfig, - /// Used to select the script that need to be referenced. - /// When defined, the scripts defined in scriptSpecs can be referenced within the CmdExecutorConfig. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scriptSpecSelectors")] - pub script_spec_selectors: Option>, -} - -/// Specifies the post-start command to be executed. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPostStartSpecCmdExecutorConfig { - /// Additional parameters used in the execution of the command. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// The command to be executed. - pub command: Vec, - /// A list of environment variables that will be injected into the command execution context. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// Specifies the image used to execute the command. - pub image: String, -} - -/// EnvVar represents an environment variable present in a Container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPostStartSpecCmdExecutorConfigEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPostStartSpecCmdExecutorConfigEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPostStartSpecCmdExecutorConfigEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPostStartSpecCmdExecutorConfigEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPostStartSpecCmdExecutorConfigEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// Selects a key of a secret in the pod's namespace -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPostStartSpecCmdExecutorConfigEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsPostStartSpecScriptSpecSelectors { - /// Represents the name of the ScriptSpec referent. - pub name: String, -} - -/// Settings for health checks. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsProbes { - /// Specifies the probe used for checking the role of the component. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleProbe")] - pub role_probe: Option, - /// Defines the timeout (in seconds) for the role probe after all pods of the component are ready. - /// The system will check if the application is available in the pod. - /// If pods exceed the InitializationTimeoutSeconds time without a role label, this component will enter the - /// Failed/Abnormal phase. - /// - /// - /// Note that this configuration will only take effect if the component supports RoleProbe - /// and will not affect the life cycle of the pod. default values are 60 seconds. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleProbeTimeoutAfterPodsReady")] - pub role_probe_timeout_after_pods_ready: Option, - /// Specifies the probe used for checking the running status of the component. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "runningProbe")] - pub running_probe: Option, - /// Specifies the probe used for checking the status of the component. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "statusProbe")] - pub status_probe: Option, -} - -/// Specifies the probe used for checking the role of the component. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsProbesRoleProbe { - /// Commands used to execute for probe. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub commands: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// How often (in seconds) to perform the probe. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Commands used to execute for probe. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsProbesRoleProbeCommands { - /// Defines read checks that are executed on the probe sidecar. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub queries: Option>, - /// Defines write checks that are executed on the probe sidecar. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub writes: Option>, -} - -/// Specifies the probe used for checking the running status of the component. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsProbesRunningProbe { - /// Commands used to execute for probe. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub commands: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// How often (in seconds) to perform the probe. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Commands used to execute for probe. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsProbesRunningProbeCommands { - /// Defines read checks that are executed on the probe sidecar. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub queries: Option>, - /// Defines write checks that are executed on the probe sidecar. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub writes: Option>, -} - -/// Specifies the probe used for checking the status of the component. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsProbesStatusProbe { - /// Commands used to execute for probe. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub commands: Option, - /// Minimum consecutive failures for the probe to be considered failed after having succeeded. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// How often (in seconds) to perform the probe. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Number of seconds after which the probe times out. Defaults to 1 second. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -/// Commands used to execute for probe. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsProbesStatusProbeCommands { - /// Defines read checks that are executed on the probe sidecar. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub queries: Option>, - /// Defines write checks that are executed on the probe sidecar. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub writes: Option>, -} - -/// Defines spec for `Replication` workloads. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsReplicationSpec { - /// Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down. - /// - /// - /// - `OrderedReady`: Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod - /// is ready before continuing. Pods are removed in reverse order when scaling down. - /// - `Parallel`: Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once - /// when scaling down. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "llPodManagementPolicy")] - pub ll_pod_management_policy: Option, - /// Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a - /// revision to the Template. - /// `UpdateStrategy` will be ignored if this is provided. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "llUpdateStrategy")] - pub ll_update_strategy: Option, - /// Specifies the strategy for updating Pods. - /// For workloadType=`Consensus`, the update strategy can be one of the following: - /// - /// - /// - `Serial`: Updates Members sequentially to minimize component downtime. - /// - `BestEffortParallel`: Updates Members in parallel to minimize component write downtime. Majority remains online - /// at all times. - /// - `Parallel`: Forces parallel updates. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStrategy")] - pub update_strategy: Option, -} - -/// Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a -/// revision to the Template. -/// `UpdateStrategy` will be ignored if this is provided. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsReplicationSpecLlUpdateStrategy { - /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] - pub rolling_update: Option, - /// Type indicates the type of the StatefulSetUpdateStrategy. - /// Default is RollingUpdate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsReplicationSpecLlUpdateStrategyRollingUpdate { - /// The maximum number of pods that can be unavailable during the update. - /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - /// Absolute number is calculated from percentage by rounding up. This can not be 0. - /// Defaults to 1. This field is alpha-level and is only honored by servers that enable the - /// MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to - /// Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it - /// will be counted towards MaxUnavailable. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] - pub max_unavailable: Option, - /// Partition indicates the ordinal at which the StatefulSet should be partitioned - /// for updates. During a rolling update, all pods from ordinal Replicas-1 to - /// Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. - /// This is helpful in being able to do a canary based deployment. The default value is 0. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, -} - -/// Defines spec for `Replication` workloads. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsReplicationSpecUpdateStrategy { - Serial, - BestEffortParallel, - Parallel, -} - -/// Defines workload spec of this component. -/// From KB 0.7.0, RSM(InstanceSetSpec) will be the underlying CR which powers all kinds of workload in KB. -/// RSM is an enhanced stateful workload extension dedicated for heavy-state workloads like databases. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsRsmSpec { - /// Describes the strategy for updating Members (Pods). - /// - /// - /// - `Serial`: Updates Members sequentially to ensure minimum component downtime. - /// - `BestEffortParallel`: Updates Members in parallel to ensure minimum component write downtime. - /// - `Parallel`: Forces parallel updates. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "memberUpdateStrategy")] - pub member_update_strategy: Option, - /// Indicates the actions required for dynamic membership reconfiguration. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "membershipReconfiguration")] - pub membership_reconfiguration: Option, - /// Defines the method used to probe a role. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleProbe")] - pub role_probe: Option, - /// Specifies a list of roles defined within the system. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub roles: Option>, -} - -/// Defines workload spec of this component. -/// From KB 0.7.0, RSM(InstanceSetSpec) will be the underlying CR which powers all kinds of workload in KB. -/// RSM is an enhanced stateful workload extension dedicated for heavy-state workloads like databases. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsRsmSpecMemberUpdateStrategy { - Serial, - BestEffortParallel, - Parallel, -} - -/// Indicates the actions required for dynamic membership reconfiguration. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsRsmSpecMembershipReconfiguration { - /// Defines the action to trigger the new member to start log syncing. - /// If the Image is not configured, the Image from the previous non-nil action will be used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "logSyncAction")] - pub log_sync_action: Option, - /// Defines the action to add a member. - /// If the Image is not configured, the Image from the previous non-nil action will be used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "memberJoinAction")] - pub member_join_action: Option, - /// Defines the action to remove a member. - /// If the Image is not configured, the Image from the previous non-nil action will be used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "memberLeaveAction")] - pub member_leave_action: Option, - /// Defines the action to inform the cluster that the new member can join voting now. - /// If the Image is not configured, the Image from the previous non-nil action will be used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "promoteAction")] - pub promote_action: Option, - /// Specifies the environment variables that can be used in all following Actions: - /// - KB_ITS_USERNAME: Represents the username part of the credential - /// - KB_ITS_PASSWORD: Represents the password part of the credential - /// - KB_ITS_LEADER_HOST: Represents the leader host - /// - KB_ITS_TARGET_HOST: Represents the target host - /// - KB_ITS_SERVICE_PORT: Represents the service port - /// - /// - /// Defines the action to perform a switchover. - /// If the Image is not configured, the latest [BusyBox](https://busybox.net/) image will be used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "switchoverAction")] - pub switchover_action: Option, -} - -/// Defines the action to trigger the new member to start log syncing. -/// If the Image is not configured, the Image from the previous non-nil action will be used. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsRsmSpecMembershipReconfigurationLogSyncAction { - /// Additional parameters used to perform specific statements. This field is optional. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// A set of instructions that will be executed within the Container to retrieve or process role information. This field is required. - pub command: Vec, - /// Refers to the utility image that contains the command which can be utilized to retrieve or process role information. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, -} - -/// Defines the action to add a member. -/// If the Image is not configured, the Image from the previous non-nil action will be used. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsRsmSpecMembershipReconfigurationMemberJoinAction { - /// Additional parameters used to perform specific statements. This field is optional. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// A set of instructions that will be executed within the Container to retrieve or process role information. This field is required. - pub command: Vec, - /// Refers to the utility image that contains the command which can be utilized to retrieve or process role information. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, -} - -/// Defines the action to remove a member. -/// If the Image is not configured, the Image from the previous non-nil action will be used. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsRsmSpecMembershipReconfigurationMemberLeaveAction { - /// Additional parameters used to perform specific statements. This field is optional. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// A set of instructions that will be executed within the Container to retrieve or process role information. This field is required. - pub command: Vec, - /// Refers to the utility image that contains the command which can be utilized to retrieve or process role information. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, -} - -/// Defines the action to inform the cluster that the new member can join voting now. -/// If the Image is not configured, the Image from the previous non-nil action will be used. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsRsmSpecMembershipReconfigurationPromoteAction { - /// Additional parameters used to perform specific statements. This field is optional. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// A set of instructions that will be executed within the Container to retrieve or process role information. This field is required. - pub command: Vec, - /// Refers to the utility image that contains the command which can be utilized to retrieve or process role information. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, -} - -/// Specifies the environment variables that can be used in all following Actions: -/// - KB_ITS_USERNAME: Represents the username part of the credential -/// - KB_ITS_PASSWORD: Represents the password part of the credential -/// - KB_ITS_LEADER_HOST: Represents the leader host -/// - KB_ITS_TARGET_HOST: Represents the target host -/// - KB_ITS_SERVICE_PORT: Represents the service port -/// -/// -/// Defines the action to perform a switchover. -/// If the Image is not configured, the latest [BusyBox](https://busybox.net/) image will be used. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsRsmSpecMembershipReconfigurationSwitchoverAction { - /// Additional parameters used to perform specific statements. This field is optional. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// A set of instructions that will be executed within the Container to retrieve or process role information. This field is required. - pub command: Vec, - /// Refers to the utility image that contains the command which can be utilized to retrieve or process role information. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, -} - -/// Defines the method used to probe a role. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsRsmSpecRoleProbe { - /// Specifies the builtin handler name to use to probe the role of the main container. - /// Available handlers include: mysql, postgres, mongodb, redis, etcd, kafka. - /// Use CustomHandler to define a custom role probe function if none of the built-in handlers meet the requirement. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "builtinHandlerName")] - pub builtin_handler_name: Option, - /// Defines a custom method for role probing. - /// If the BuiltinHandler meets the requirement, use it instead. - /// Actions defined here are executed in series. - /// Upon completion of all actions, the final output should be a single string representing the role name defined in spec.Roles. - /// The latest [BusyBox](https://busybox.net/) image will be used if Image is not configured. - /// Environment variables can be used in Command: - /// - v_KB_ITS_LAST_STDOUT: stdout from the last action, watch for 'v_' prefix - /// - KB_ITS_USERNAME: username part of the credential - /// - KB_ITS_PASSWORD: password part of the credential - #[serde(default, skip_serializing_if = "Option::is_none", rename = "customHandler")] - pub custom_handler: Option>, - /// Specifies the minimum number of consecutive failures for the probe to be considered failed after having succeeded. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "failureThreshold")] - pub failure_threshold: Option, - /// Specifies the number of seconds to wait after the container has started before initiating role probing. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialDelaySeconds")] - pub initial_delay_seconds: Option, - /// Specifies the frequency (in seconds) of probe execution. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "periodSeconds")] - pub period_seconds: Option, - /// Specifies the method for updating the pod role label. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleUpdateMechanism")] - pub role_update_mechanism: Option, - /// Specifies the minimum number of consecutive successes for the probe to be considered successful after having failed. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "successThreshold")] - pub success_threshold: Option, - /// Specifies the number of seconds after which the probe times out. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "timeoutSeconds")] - pub timeout_seconds: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsRsmSpecRoleProbeCustomHandler { - /// Additional parameters used to perform specific statements. This field is optional. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// A set of instructions that will be executed within the Container to retrieve or process role information. This field is required. - pub command: Vec, - /// Refers to the utility image that contains the command which can be utilized to retrieve or process role information. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub image: Option, -} - -/// Defines the method used to probe a role. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsRsmSpecRoleProbeRoleUpdateMechanism { - ReadinessProbeEventUpdate, - #[serde(rename = "DirectAPIServerEventUpdate")] - DirectApiServerEventUpdate, -} - -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ClusterDefinitionComponentDefsRsmSpecRoles { - /// Specifies the service capabilities of this member. - #[serde(rename = "accessMode")] - pub access_mode: ClusterDefinitionComponentDefsRsmSpecRolesAccessMode, - /// Indicates if this member has voting rights. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "canVote")] - pub can_vote: Option, - /// Determines if this member is the leader. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "isLeader")] - pub is_leader: Option, - /// Defines the role name of the replica. - pub name: String, -} - -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsRsmSpecRolesAccessMode { - None, - Readonly, - ReadWrite, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsScriptSpecs { - /// The operator attempts to set default file permissions for scripts (0555) and configurations (0444). - /// However, certain database engines may require different file permissions. - /// You can specify the desired file permissions here. - /// - /// - /// Must be specified as an octal value between 0000 and 0777 (inclusive), - /// or as a decimal value between 0 and 511 (inclusive). - /// YAML supports both octal and decimal values for file permissions. - /// - /// - /// Please note that this setting only affects the permissions of the files themselves. - /// Directories within the specified path are not impacted by this setting. - /// It's important to be aware that this setting might conflict with other options - /// that influence the file mode, such as fsGroup. - /// In such cases, the resulting file mode may have additional bits set. - /// Refers to documents of k8s.ConfigMapVolumeSource.defaultMode for more information. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "defaultMode")] - pub default_mode: Option, - /// Specifies the name of the configuration template. - pub name: String, - /// Specifies the namespace of the referenced configuration template ConfigMap object. - /// An empty namespace is equivalent to the "default" namespace. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, - /// Specifies the name of the referenced configuration template ConfigMap object. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "templateRef")] - pub template_ref: Option, - /// Refers to the volume name of PodTemplate. The configuration file produced through the configuration - /// template will be mounted to the corresponding volume. Must be a DNS_LABEL name. - /// The volume name must be defined in podSpec.containers[*].volumeMounts. - #[serde(rename = "volumeName")] - pub volume_name: String, -} - -/// Defines the service spec. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsService { - /// The list of ports that are exposed by this service. - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#virtual-ips-and-service-proxies - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ports: Option>, -} - -/// ServicePort is deprecated since v0.8. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsServicePorts { - /// The application protocol for this port. - /// This field follows standard Kubernetes label syntax. - /// Un-prefixed names are reserved for IANA standard service names (as per - /// RFC-6335 and https://www.iana.org/assignments/service-names). - /// Non-standard protocols should use prefixed names such as - /// mycompany.com/my-custom-protocol. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "appProtocol")] - pub app_protocol: Option, - /// The name of this port within the service. This must be a DNS_LABEL. - /// All ports within a ServiceSpec must have unique names. When considering - /// the endpoints for a Service, this must match the 'name' field in the - /// EndpointPort. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// The port that will be exposed by this service. - pub port: i32, - /// The IP protocol for this port. Supports "TCP", "UDP", and "SCTP". - /// Default is TCP. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub protocol: Option, - /// Number or name of the port to access on the pods targeted by the service. - /// - /// - /// Number must be in the range 1 to 65535. Name must be an IANA_SVC_NAME. - /// - /// - /// - If this is a string, it will be looked up as a named port in the target Pod's container ports. - /// - If this is not specified, the value of the `port` field is used (an identity map). - /// - /// - /// This field is ignored for services with clusterIP=None, and should be - /// omitted or set equal to the `port` field. - /// - /// - /// More info: https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service - #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetPort")] - pub target_port: Option, -} - -/// ServicePort is deprecated since v0.8. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsServicePortsProtocol { - #[serde(rename = "TCP")] - Tcp, - #[serde(rename = "UDP")] - Udp, - #[serde(rename = "SCTP")] - Sctp, -} - -/// ServiceRefDeclaration represents a reference to a service that can be either provided by a KubeBlocks Cluster -/// or an external service. -/// It acts as a placeholder for the actual service reference, which is determined later when a Cluster is created. -/// -/// -/// The purpose of ServiceRefDeclaration is to declare a service dependency without specifying the concrete details -/// of the service. -/// It allows for flexibility and abstraction in defining service references within a Component. -/// By using ServiceRefDeclaration, you can define service dependencies in a declarative manner, enabling loose coupling -/// and easier management of service references across different components and clusters. -/// -/// -/// Upon Cluster creation, the ServiceRefDeclaration is bound to an actual service through the ServiceRef field, -/// effectively resolving and connecting to the specified service. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsServiceRefDeclarations { - /// Specifies the name of the ServiceRefDeclaration. - pub name: String, - /// Specifies whether the service reference can be optional. - /// - /// - /// For an optional service-ref, the component can still be created even if the service-ref is not provided. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, - /// Defines a list of constraints and requirements for services that can be bound to this ServiceRefDeclaration - /// upon Cluster creation. - /// Each ServiceRefDeclarationSpec defines a ServiceKind and ServiceVersion, - /// outlining the acceptable service types and versions that are compatible. - /// - /// - /// This flexibility allows a ServiceRefDeclaration to be fulfilled by any one of the provided specs. - /// For example, if it requires an OLTP database, specs for both MySQL and PostgreSQL are listed, - /// either MySQL or PostgreSQL services can be used when binding. - #[serde(rename = "serviceRefDeclarationSpecs")] - pub service_ref_declaration_specs: Vec, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsServiceRefDeclarationsServiceRefDeclarationSpecs { - /// Specifies the type or nature of the service. This should be a well-known application cluster type, such as - /// {mysql, redis, mongodb}. - /// The field is case-insensitive and supports abbreviations for some well-known databases. - /// For instance, both `zk` and `zookeeper` are considered as a ZooKeeper cluster, while `pg`, `postgres`, `postgresql` - /// are all recognized as a PostgreSQL cluster. - #[serde(rename = "serviceKind")] - pub service_kind: String, - /// Defines the service version of the service reference. This is a regular expression that matches a version number pattern. - /// For instance, `^8.0.8$`, `8.0.\d{1,2}$`, `^[v\-]*?(\d{1,2}\.){0,3}\d{1,2}$` are all valid patterns. - #[serde(rename = "serviceVersion")] - pub service_version: String, -} - -/// Defines spec for `Stateful` workloads. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsStatefulSpec { - /// Controls the creation of pods during initial scale up, replacement of pods on nodes, and scaling down. - /// - /// - /// - `OrderedReady`: Creates pods in increasing order (pod-0, then pod-1, etc). The controller waits until each pod - /// is ready before continuing. Pods are removed in reverse order when scaling down. - /// - `Parallel`: Creates pods in parallel to match the desired scale without waiting. All pods are deleted at once - /// when scaling down. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "llPodManagementPolicy")] - pub ll_pod_management_policy: Option, - /// Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a - /// revision to the Template. - /// `UpdateStrategy` will be ignored if this is provided. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "llUpdateStrategy")] - pub ll_update_strategy: Option, - /// Specifies the strategy for updating Pods. - /// For workloadType=`Consensus`, the update strategy can be one of the following: - /// - /// - /// - `Serial`: Updates Members sequentially to minimize component downtime. - /// - `BestEffortParallel`: Updates Members in parallel to minimize component write downtime. Majority remains online - /// at all times. - /// - `Parallel`: Forces parallel updates. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStrategy")] - pub update_strategy: Option, -} - -/// Specifies the low-level StatefulSetUpdateStrategy to be used when updating Pods in the StatefulSet upon a -/// revision to the Template. -/// `UpdateStrategy` will be ignored if this is provided. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsStatefulSpecLlUpdateStrategy { - /// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] - pub rolling_update: Option, - /// Type indicates the type of the StatefulSetUpdateStrategy. - /// Default is RollingUpdate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// RollingUpdate is used to communicate parameters when Type is RollingUpdateStatefulSetStrategyType. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsStatefulSpecLlUpdateStrategyRollingUpdate { - /// The maximum number of pods that can be unavailable during the update. - /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - /// Absolute number is calculated from percentage by rounding up. This can not be 0. - /// Defaults to 1. This field is alpha-level and is only honored by servers that enable the - /// MaxUnavailableStatefulSet feature. The field applies to all pods in the range 0 to - /// Replicas-1. That means if there is any unavailable pod in the range 0 to Replicas-1, it - /// will be counted towards MaxUnavailable. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] - pub max_unavailable: Option, - /// Partition indicates the ordinal at which the StatefulSet should be partitioned - /// for updates. During a rolling update, all pods from ordinal Replicas-1 to - /// Partition are updated. All pods from ordinal Partition-1 to 0 remain untouched. - /// This is helpful in being able to do a canary based deployment. The default value is 0. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub partition: Option, -} - -/// Defines spec for `Stateful` workloads. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsStatefulSpecUpdateStrategy { - Serial, - BestEffortParallel, - Parallel, -} - -/// Defines spec for `Stateless` workloads. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsStatelessSpec { - /// Specifies the deployment strategy that will be used to replace existing pods with new ones. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateStrategy")] - pub update_strategy: Option, -} - -/// Specifies the deployment strategy that will be used to replace existing pods with new ones. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsStatelessSpecUpdateStrategy { - /// Rolling update config params. Present only if DeploymentStrategyType = - /// RollingUpdate. - /// --- - /// TODO: Update this to follow our convention for oneOf, whatever we decide it - /// to be. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "rollingUpdate")] - pub rolling_update: Option, - /// Type of deployment. Can be "Recreate" or "RollingUpdate". Default is RollingUpdate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// Rolling update config params. Present only if DeploymentStrategyType = -/// RollingUpdate. -/// --- -/// TODO: Update this to follow our convention for oneOf, whatever we decide it -/// to be. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsStatelessSpecUpdateStrategyRollingUpdate { - /// The maximum number of pods that can be scheduled above the desired number of - /// pods. - /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - /// This can not be 0 if MaxUnavailable is 0. - /// Absolute number is calculated from percentage by rounding up. - /// Defaults to 25%. - /// Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when - /// the rolling update starts, such that the total number of old and new pods do not exceed - /// 130% of desired pods. Once old pods have been killed, - /// new ReplicaSet can be scaled up further, ensuring that total number of pods running - /// at any time during the update is at most 130% of desired pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxSurge")] - pub max_surge: Option, - /// The maximum number of pods that can be unavailable during the update. - /// Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). - /// Absolute number is calculated from percentage by rounding down. - /// This can not be 0 if MaxSurge is 0. - /// Defaults to 25%. - /// Example: when this is set to 30%, the old ReplicaSet can be scaled down to 70% of desired pods - /// immediately when the rolling update starts. Once new pods are ready, old ReplicaSet - /// can be scaled down further, followed by scaling up the new ReplicaSet, ensuring - /// that the total number of pods available at all times during the update is at - /// least 70% of desired pods. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxUnavailable")] - pub max_unavailable: Option, -} - -/// Defines command to do switchover. -/// In particular, when workloadType=Replication, the command defined in switchoverSpec will only be executed under -/// the condition of cluster.componentSpecs[x].SwitchPolicy.type=Noop. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpec { - /// Represents the action of switching over to a specified candidate primary or leader instance. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "withCandidate")] - pub with_candidate: Option, - /// Represents the action of switching over without specifying a candidate primary or leader instance. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "withoutCandidate")] - pub without_candidate: Option, -} - -/// Represents the action of switching over to a specified candidate primary or leader instance. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithCandidate { - /// Specifies the switchover command. - #[serde(rename = "cmdExecutorConfig")] - pub cmd_executor_config: ClusterDefinitionComponentDefsSwitchoverSpecWithCandidateCmdExecutorConfig, - /// Used to select the script that need to be referenced. - /// When defined, the scripts defined in scriptSpecs can be referenced within the SwitchoverAction.CmdExecutorConfig. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scriptSpecSelectors")] - pub script_spec_selectors: Option>, -} - -/// Specifies the switchover command. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithCandidateCmdExecutorConfig { - /// Additional parameters used in the execution of the command. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// The command to be executed. - pub command: Vec, - /// A list of environment variables that will be injected into the command execution context. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// Specifies the image used to execute the command. - pub image: String, -} - -/// EnvVar represents an environment variable present in a Container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithCandidateCmdExecutorConfigEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithCandidateCmdExecutorConfigEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithCandidateCmdExecutorConfigEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithCandidateCmdExecutorConfigEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithCandidateCmdExecutorConfigEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// Selects a key of a secret in the pod's namespace -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithCandidateCmdExecutorConfigEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithCandidateScriptSpecSelectors { - /// Represents the name of the ScriptSpec referent. - pub name: String, -} - -/// Represents the action of switching over without specifying a candidate primary or leader instance. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithoutCandidate { - /// Specifies the switchover command. - #[serde(rename = "cmdExecutorConfig")] - pub cmd_executor_config: ClusterDefinitionComponentDefsSwitchoverSpecWithoutCandidateCmdExecutorConfig, - /// Used to select the script that need to be referenced. - /// When defined, the scripts defined in scriptSpecs can be referenced within the SwitchoverAction.CmdExecutorConfig. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "scriptSpecSelectors")] - pub script_spec_selectors: Option>, -} - -/// Specifies the switchover command. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithoutCandidateCmdExecutorConfig { - /// Additional parameters used in the execution of the command. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// The command to be executed. - pub command: Vec, - /// A list of environment variables that will be injected into the command execution context. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// Specifies the image used to execute the command. - pub image: String, -} - -/// EnvVar represents an environment variable present in a Container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithoutCandidateCmdExecutorConfigEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithoutCandidateCmdExecutorConfigEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithoutCandidateCmdExecutorConfigEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithoutCandidateCmdExecutorConfigEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithoutCandidateCmdExecutorConfigEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// Selects a key of a secret in the pod's namespace -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithoutCandidateCmdExecutorConfigEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSwitchoverSpecWithoutCandidateScriptSpecSelectors { - /// Represents the name of the ScriptSpec referent. - pub name: String, -} - -/// Defines system accounts needed to manage the component, and the statement to create them. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccounts { - /// Defines the configuration settings for system accounts. - pub accounts: Vec, - /// Configures how to obtain the client SDK and execute statements. - #[serde(rename = "cmdExecutorConfig")] - pub cmd_executor_config: ClusterDefinitionComponentDefsSystemAccountsCmdExecutorConfig, - /// Defines the pattern used to generate passwords for system accounts. - #[serde(rename = "passwordConfig")] - pub password_config: ClusterDefinitionComponentDefsSystemAccountsPasswordConfig, -} - -/// SystemAccountConfig specifies how to create and delete system accounts. -/// -/// -/// Deprecated since v0.9. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsAccounts { - /// The unique identifier of a system account. - pub name: ClusterDefinitionComponentDefsSystemAccountsAccountsName, - /// Outlines the strategy for creating the account. - #[serde(rename = "provisionPolicy")] - pub provision_policy: ClusterDefinitionComponentDefsSystemAccountsAccountsProvisionPolicy, -} - -/// SystemAccountConfig specifies how to create and delete system accounts. -/// -/// -/// Deprecated since v0.9. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsSystemAccountsAccountsName { - #[serde(rename = "kbadmin")] - Kbadmin, - #[serde(rename = "kbdataprotection")] - Kbdataprotection, - #[serde(rename = "kbprobe")] - Kbprobe, - #[serde(rename = "kbmonitoring")] - Kbmonitoring, - #[serde(rename = "kbreplicator")] - Kbreplicator, -} - -/// Outlines the strategy for creating the account. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsAccountsProvisionPolicy { - /// Defines the scope within which the account is provisioned. - pub scope: String, - /// The external secret to refer. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] - pub secret_ref: Option, - /// The statement to provision an account. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub statements: Option, - /// Specifies the method to provision an account. - #[serde(rename = "type")] - pub r#type: ClusterDefinitionComponentDefsSystemAccountsAccountsProvisionPolicyType, -} - -/// The external secret to refer. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsAccountsProvisionPolicySecretRef { - /// The unique identifier of the secret. - pub name: String, - /// The namespace where the secret is located. - pub namespace: String, -} - -/// The statement to provision an account. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsAccountsProvisionPolicyStatements { - /// Specifies the statement required to create a new account with the necessary privileges. - pub creation: String, - /// Defines the statement required to delete an existing account. - /// Typically used in conjunction with the creation statement to delete an account before recreating it. - /// For example, one might use a `drop user if exists` statement followed by a `create user` statement to ensure a fresh account. - /// - /// - /// Deprecated: This field is deprecated and the update statement should be used instead. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub deletion: Option, - /// Defines the statement required to update the password of an existing account. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub update: Option, -} - -/// Outlines the strategy for creating the account. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsSystemAccountsAccountsProvisionPolicyType { - CreateByStmt, - ReferToExisting, -} - -/// Configures how to obtain the client SDK and execute statements. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsCmdExecutorConfig { - /// Additional parameters used in the execution of the command. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub args: Option>, - /// The command to be executed. - pub command: Vec, - /// A list of environment variables that will be injected into the command execution context. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub env: Option>, - /// Specifies the image used to execute the command. - pub image: String, -} - -/// EnvVar represents an environment variable present in a Container. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsCmdExecutorConfigEnv { - /// Name of the environment variable. Must be a C_IDENTIFIER. - pub name: String, - /// Variable references $(VAR_NAME) are expanded - /// using the previously defined environment variables in the container and - /// any service environment variables. If a variable cannot be resolved, - /// the reference in the input string will be unchanged. Double $$ are reduced - /// to a single $, which allows for escaping the $(VAR_NAME) syntax: i.e. - /// "$$(VAR_NAME)" will produce the string literal "$(VAR_NAME)". - /// Escaped references will never be expanded, regardless of whether the variable - /// exists or not. - /// Defaults to "". - #[serde(default, skip_serializing_if = "Option::is_none")] - pub value: Option, - /// Source for the environment variable's value. Cannot be used if value is not empty. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] - pub value_from: Option, -} - -/// Source for the environment variable's value. Cannot be used if value is not empty. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsCmdExecutorConfigEnvValueFrom { - /// Selects a key of a ConfigMap. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMapKeyRef")] - pub config_map_key_ref: Option, - /// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, - /// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] - pub field_ref: Option, - /// Selects a resource of the container: only resources limits and requests - /// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "resourceFieldRef")] - pub resource_field_ref: Option, - /// Selects a key of a secret in the pod's namespace - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] - pub secret_key_ref: Option, -} - -/// Selects a key of a ConfigMap. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsCmdExecutorConfigEnvValueFromConfigMapKeyRef { - /// The key to select. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the ConfigMap or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Selects a field of the pod: supports metadata.name, metadata.namespace, `metadata.labels['']`, `metadata.annotations['']`, -/// spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP, status.podIPs. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsCmdExecutorConfigEnvValueFromFieldRef { - /// Version of the schema the FieldPath is written in terms of, defaults to "v1". - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiVersion")] - pub api_version: Option, - /// Path of the field to select in the specified API version. - #[serde(rename = "fieldPath")] - pub field_path: String, -} - -/// Selects a resource of the container: only resources limits and requests -/// (limits.cpu, limits.memory, limits.ephemeral-storage, requests.cpu, requests.memory and requests.ephemeral-storage) are currently supported. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsCmdExecutorConfigEnvValueFromResourceFieldRef { - /// Container name: required for volumes, optional for env vars - #[serde(default, skip_serializing_if = "Option::is_none", rename = "containerName")] - pub container_name: Option, - /// Specifies the output format of the exposed resources, defaults to "1" - #[serde(default, skip_serializing_if = "Option::is_none")] - pub divisor: Option, - /// Required: resource to select - pub resource: String, -} - -/// Selects a key of a secret in the pod's namespace -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsCmdExecutorConfigEnvValueFromSecretKeyRef { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Add other useful fields. apiVersion, kind, uid? - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// Defines the pattern used to generate passwords for system accounts. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsSystemAccountsPasswordConfig { - /// The length of the password. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub length: Option, - /// The case of the letters in the password. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "letterCase")] - pub letter_case: Option, - /// The number of digits in the password. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "numDigits")] - pub num_digits: Option, - /// The number of symbols in the password. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "numSymbols")] - pub num_symbols: Option, - /// Seed to generate the account's password. - /// Cannot be updated. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub seed: Option, -} - -/// Defines the pattern used to generate passwords for system accounts. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsSystemAccountsPasswordConfigLetterCase { - LowerCases, - UpperCases, - MixedCases, -} - -/// Defines settings to do volume protect. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsVolumeProtectionSpec { - /// The high watermark threshold for volume space usage. - /// If there is any specified volumes who's space usage is over the threshold, the pre-defined "LOCK" action - /// will be triggered to degrade the service to protect volume from space exhaustion, such as to set the instance - /// as read-only. And after that, if all volumes' space usage drops under the threshold later, the pre-defined - /// "UNLOCK" action will be performed to recover the service normally. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "highWatermark")] - pub high_watermark: Option, - /// The Volumes to be protected. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub volumes: Option>, -} - -/// ProtectedVolume is deprecated since v0.9, replaced with ComponentVolume.HighWatermark. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsVolumeProtectionSpecVolumes { - /// Defines the high watermark threshold for the volume, it will override the component level threshold. - /// If the value is invalid, it will be ignored and the component level threshold will be used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "highWatermark")] - pub high_watermark: Option, - /// The Name of the volume to protect. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, -} - -/// VolumeTypeSpec is deprecated since v0.9, replaced with ComponentVolume. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterDefinitionComponentDefsVolumeTypes { - /// Corresponds to the name of the VolumeMounts field in PodSpec.Container. - pub name: String, - /// Type of data the volume will persistent. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] - pub r#type: Option, -} - -/// VolumeTypeSpec is deprecated since v0.9, replaced with ComponentVolume. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsVolumeTypesType { - #[serde(rename = "data")] - Data, - #[serde(rename = "log")] - Log, -} - -/// ClusterComponentDefinition defines a Component within a ClusterDefinition but is deprecated and -/// has been replaced by ComponentDefinition. -/// -/// -/// Deprecated: Use ComponentDefinition instead. This type is deprecated as of version 0.8. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ClusterDefinitionComponentDefsWorkloadType { - Stateless, - Stateful, - Consensus, - Replication, -} - /// ClusterTopology represents the definition for a specific cluster topology. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDefinitionTopologies { diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs index b551d6d1f..0165c199c 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/clusters.rs @@ -578,7 +578,7 @@ pub struct ClusterComponentSpecs { /// If set, all the computing resources will be released. #[serde(default, skip_serializing_if = "Option::is_none")] pub stop: Option, - /// Defines the strategy for switchover and failover when workloadType is Replication. + /// Defines the strategy for switchover and failover. /// /// /// Deprecated since v0.9. @@ -1316,8 +1316,31 @@ pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAffinityPref #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1341,6 +1364,7 @@ pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAffinityPref } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1413,8 +1437,31 @@ pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAffinityPref #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1438,6 +1485,7 @@ pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAffinityRequ } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1541,8 +1589,31 @@ pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAntiAffinity #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1566,6 +1637,7 @@ pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAntiAffinity } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1638,8 +1710,31 @@ pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAntiAffinity #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1663,6 +1758,7 @@ pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAntiAffinity } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1962,17 +2058,6 @@ pub struct ClusterComponentSpecsInstancesVolumeClaimTemplatesSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1985,15 +2070,6 @@ pub struct ClusterComponentSpecsInstancesVolumeClaimTemplatesSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesVolumeMounts { @@ -2667,6 +2743,20 @@ pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpec /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -2745,17 +2835,6 @@ pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpec /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2768,15 +2847,6 @@ pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpec pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -3111,6 +3181,24 @@ pub struct ClusterComponentSpecsInstancesVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -3125,6 +3213,83 @@ pub struct ClusterComponentSpecsInstancesVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsInstancesVolumesProjectedSourcesConfigMap { @@ -3838,8 +4003,31 @@ pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuri #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -3863,6 +4051,7 @@ pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuri } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -3935,8 +4124,31 @@ pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityPreferredDuri #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -3960,6 +4172,7 @@ pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDurin } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4063,8 +4276,31 @@ pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferred #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -4088,6 +4324,7 @@ pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferred } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4160,8 +4397,31 @@ pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityPreferred #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -4185,6 +4445,7 @@ pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredD } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4582,7 +4843,7 @@ pub enum ClusterComponentSpecsServicesServiceType { LoadBalancer, } -/// Defines the strategy for switchover and failover when workloadType is Replication. +/// Defines the strategy for switchover and failover. /// /// /// Deprecated since v0.9. @@ -4595,7 +4856,7 @@ pub struct ClusterComponentSpecsSwitchPolicy { pub r#type: Option, } -/// Defines the strategy for switchover and failover when workloadType is Replication. +/// Defines the strategy for switchover and failover. /// /// /// Deprecated since v0.9. @@ -4920,17 +5181,6 @@ pub struct ClusterComponentSpecsVolumeClaimTemplatesSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4943,15 +5193,6 @@ pub struct ClusterComponentSpecsVolumeClaimTemplatesSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsVolumes { @@ -5594,6 +5835,20 @@ pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -5672,17 +5927,6 @@ pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecDataSourc /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5695,15 +5939,6 @@ pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecResources pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -6038,6 +6273,24 @@ pub struct ClusterComponentSpecsVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -6052,6 +6305,83 @@ pub struct ClusterComponentSpecsVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterComponentSpecsVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterComponentSpecsVolumesProjectedSourcesConfigMap { @@ -6729,8 +7059,31 @@ pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIg #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -6754,6 +7107,7 @@ pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIg } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6826,8 +7180,31 @@ pub struct ClusterSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIg #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -6851,6 +7228,7 @@ pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgn } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6954,8 +7332,31 @@ pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringScheduli #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -6979,6 +7380,7 @@ pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringScheduli } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -7051,8 +7453,31 @@ pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityPreferredDuringScheduli #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -7076,6 +7501,7 @@ pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulin } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -7613,7 +8039,7 @@ pub struct ClusterServicesSpecPorts { /// /// /// * Kubernetes-defined prefixed names: - /// * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 + /// * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- /// * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 /// * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 /// @@ -7959,7 +8385,7 @@ pub struct ClusterShardingSpecsTemplate { /// If set, all the computing resources will be released. #[serde(default, skip_serializing_if = "Option::is_none")] pub stop: Option, - /// Defines the strategy for switchover and failover when workloadType is Replication. + /// Defines the strategy for switchover and failover. /// /// /// Deprecated since v0.9. @@ -8697,8 +9123,31 @@ pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAffin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -8722,6 +9171,7 @@ pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAffin } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -8794,8 +9244,31 @@ pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAffin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -8819,6 +9292,7 @@ pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAffin } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -8922,8 +9396,31 @@ pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAntiA #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -8947,6 +9444,7 @@ pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAntiA } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -9019,8 +9517,31 @@ pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAntiA #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -9044,6 +9565,7 @@ pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAntiA } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -9343,17 +9865,6 @@ pub struct ClusterShardingSpecsTemplateInstancesVolumeClaimTemplatesSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -9366,15 +9877,6 @@ pub struct ClusterShardingSpecsTemplateInstancesVolumeClaimTemplatesSpecResource pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingSpecsTemplateInstancesVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesVolumeMounts { @@ -10048,6 +10550,20 @@ pub struct ClusterShardingSpecsTemplateInstancesVolumesEphemeralVolumeClaimTempl /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -10126,17 +10642,6 @@ pub struct ClusterShardingSpecsTemplateInstancesVolumesEphemeralVolumeClaimTempl /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -10149,15 +10654,6 @@ pub struct ClusterShardingSpecsTemplateInstancesVolumesEphemeralVolumeClaimTempl pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingSpecsTemplateInstancesVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -10492,6 +10988,24 @@ pub struct ClusterShardingSpecsTemplateInstancesVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -10506,6 +11020,83 @@ pub struct ClusterShardingSpecsTemplateInstancesVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingSpecsTemplateInstancesVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingSpecsTemplateInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingSpecsTemplateInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateInstancesVolumesProjectedSourcesConfigMap { @@ -11219,8 +11810,31 @@ pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAffinityPrefer #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -11244,6 +11858,7 @@ pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAffinityPrefer } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -11316,8 +11931,31 @@ pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAffinityPrefer #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -11341,6 +11979,7 @@ pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAffinityRequir } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -11444,8 +12083,31 @@ pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAntiAffinityPr #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -11469,6 +12131,7 @@ pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAntiAffinityPr } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -11541,8 +12204,31 @@ pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAntiAffinityPr #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -11566,6 +12252,7 @@ pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAntiAffinityRe } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -11963,7 +12650,7 @@ pub enum ClusterShardingSpecsTemplateServicesServiceType { LoadBalancer, } -/// Defines the strategy for switchover and failover when workloadType is Replication. +/// Defines the strategy for switchover and failover. /// /// /// Deprecated since v0.9. @@ -11976,7 +12663,7 @@ pub struct ClusterShardingSpecsTemplateSwitchPolicy { pub r#type: Option, } -/// Defines the strategy for switchover and failover when workloadType is Replication. +/// Defines the strategy for switchover and failover. /// /// /// Deprecated since v0.9. @@ -12307,17 +12994,6 @@ pub struct ClusterShardingSpecsTemplateVolumeClaimTemplatesSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -12330,15 +13006,6 @@ pub struct ClusterShardingSpecsTemplateVolumeClaimTemplatesSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingSpecsTemplateVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateVolumes { @@ -12981,6 +13648,20 @@ pub struct ClusterShardingSpecsTemplateVolumesEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -13059,17 +13740,6 @@ pub struct ClusterShardingSpecsTemplateVolumesEphemeralVolumeClaimTemplateSpecDa /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -13082,15 +13752,6 @@ pub struct ClusterShardingSpecsTemplateVolumesEphemeralVolumeClaimTemplateSpecRe pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterShardingSpecsTemplateVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -13425,6 +14086,24 @@ pub struct ClusterShardingSpecsTemplateVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -13439,6 +14118,83 @@ pub struct ClusterShardingSpecsTemplateVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingSpecsTemplateVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingSpecsTemplateVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterShardingSpecsTemplateVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterShardingSpecsTemplateVolumesProjectedSourcesConfigMap { diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs index 7989b99f8..72d5c378b 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/componentdefinitions.rs @@ -6059,8 +6059,31 @@ pub struct ComponentDefinitionRuntimeAffinityPodAffinityPreferredDuringSchedulin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -6084,6 +6107,7 @@ pub struct ComponentDefinitionRuntimeAffinityPodAffinityPreferredDuringSchedulin } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6156,8 +6180,31 @@ pub struct ComponentDefinitionRuntimeAffinityPodAffinityPreferredDuringSchedulin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -6181,6 +6228,7 @@ pub struct ComponentDefinitionRuntimeAffinityPodAffinityRequiredDuringScheduling } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6284,8 +6332,31 @@ pub struct ComponentDefinitionRuntimeAffinityPodAntiAffinityPreferredDuringSched #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -6309,6 +6380,7 @@ pub struct ComponentDefinitionRuntimeAffinityPodAntiAffinityPreferredDuringSched } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6381,8 +6453,31 @@ pub struct ComponentDefinitionRuntimeAffinityPodAntiAffinityPreferredDuringSched #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -6406,6 +6501,7 @@ pub struct ComponentDefinitionRuntimeAffinityPodAntiAffinityRequiredDuringSchedu } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -6807,6 +6903,9 @@ pub struct ComponentDefinitionRuntimeContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -6859,6 +6958,13 @@ pub struct ComponentDefinitionRuntimeContainersLifecyclePostStartHttpGetHttpHead pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionRuntimeContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -6890,6 +6996,9 @@ pub struct ComponentDefinitionRuntimeContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -6942,6 +7051,13 @@ pub struct ComponentDefinitionRuntimeContainersLifecyclePreStopHttpGetHttpHeader pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionRuntimeContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -7966,6 +8082,9 @@ pub struct ComponentDefinitionRuntimeEphemeralContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -8018,6 +8137,13 @@ pub struct ComponentDefinitionRuntimeEphemeralContainersLifecyclePostStartHttpGe pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionRuntimeEphemeralContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -8049,6 +8175,9 @@ pub struct ComponentDefinitionRuntimeEphemeralContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -8101,6 +8230,13 @@ pub struct ComponentDefinitionRuntimeEphemeralContainersLifecyclePreStopHttpGetH pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionRuntimeEphemeralContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -9120,6 +9256,9 @@ pub struct ComponentDefinitionRuntimeInitContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -9172,6 +9311,13 @@ pub struct ComponentDefinitionRuntimeInitContainersLifecyclePostStartHttpGetHttp pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionRuntimeInitContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -9203,6 +9349,9 @@ pub struct ComponentDefinitionRuntimeInitContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -9255,6 +9404,13 @@ pub struct ComponentDefinitionRuntimeInitContainersLifecyclePreStopHttpGetHttpHe pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionRuntimeInitContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -11009,6 +11165,20 @@ pub struct ComponentDefinitionRuntimeVolumesEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -11087,17 +11257,6 @@ pub struct ComponentDefinitionRuntimeVolumesEphemeralVolumeClaimTemplateSpecData /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -11110,15 +11269,6 @@ pub struct ComponentDefinitionRuntimeVolumesEphemeralVolumeClaimTemplateSpecReso pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentDefinitionRuntimeVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -11453,6 +11603,24 @@ pub struct ComponentDefinitionRuntimeVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -11467,6 +11635,83 @@ pub struct ComponentDefinitionRuntimeVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionRuntimeVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionRuntimeVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentDefinitionRuntimeVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentDefinitionRuntimeVolumesProjectedSourcesConfigMap { @@ -12290,7 +12535,7 @@ pub struct ComponentDefinitionServicesSpecPorts { /// /// /// * Kubernetes-defined prefixed names: - /// * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 + /// * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- /// * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 /// * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 /// diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs index 5213b5ad8..1d8242fdf 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/components.rs @@ -915,8 +915,31 @@ pub struct ComponentInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringS #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -940,6 +963,7 @@ pub struct ComponentInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringS } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1012,8 +1036,31 @@ pub struct ComponentInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringS #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1037,6 +1084,7 @@ pub struct ComponentInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSc } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1140,8 +1188,31 @@ pub struct ComponentInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDur #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1165,6 +1236,7 @@ pub struct ComponentInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDur } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1237,8 +1309,31 @@ pub struct ComponentInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDur #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1262,6 +1357,7 @@ pub struct ComponentInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuri } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1561,17 +1657,6 @@ pub struct ComponentInstancesVolumeClaimTemplatesSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1584,15 +1669,6 @@ pub struct ComponentInstancesVolumeClaimTemplatesSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesVolumeMounts { @@ -2266,6 +2342,20 @@ pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -2344,17 +2434,6 @@ pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpecDataSourceRe /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2367,15 +2446,6 @@ pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -2710,6 +2780,24 @@ pub struct ComponentInstancesVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -2724,6 +2812,83 @@ pub struct ComponentInstancesVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentInstancesVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentInstancesVolumesProjectedSourcesConfigMap { @@ -3402,8 +3567,31 @@ pub struct ComponentSchedulingPolicyAffinityPodAffinityPreferredDuringScheduling #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -3427,6 +3615,7 @@ pub struct ComponentSchedulingPolicyAffinityPodAffinityPreferredDuringScheduling } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -3499,8 +3688,31 @@ pub struct ComponentSchedulingPolicyAffinityPodAffinityPreferredDuringScheduling #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -3524,6 +3736,7 @@ pub struct ComponentSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingI } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -3627,8 +3840,31 @@ pub struct ComponentSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedu #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -3652,6 +3888,7 @@ pub struct ComponentSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedu } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -3724,8 +3961,31 @@ pub struct ComponentSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedu #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -3749,6 +4009,7 @@ pub struct ComponentSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedul } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4433,7 +4694,7 @@ pub struct ComponentServicesSpecPorts { /// /// /// * Kubernetes-defined prefixed names: - /// * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 + /// * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- /// * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 /// * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 /// @@ -4706,17 +4967,6 @@ pub struct ComponentVolumeClaimTemplatesSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4729,15 +4979,6 @@ pub struct ComponentVolumeClaimTemplatesSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// Volume represents a named volume in a pod that may be accessed by any container in the pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentVolumes { @@ -5380,6 +5621,20 @@ pub struct ComponentVolumesEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -5458,17 +5713,6 @@ pub struct ComponentVolumesEphemeralVolumeClaimTemplateSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5481,15 +5725,6 @@ pub struct ComponentVolumesEphemeralVolumeClaimTemplateSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ComponentVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -5824,6 +6059,24 @@ pub struct ComponentVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -5838,6 +6091,83 @@ pub struct ComponentVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ComponentVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ComponentVolumesProjectedSourcesConfigMap { diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsdefinitions.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsdefinitions.rs index f85ba44f4..bf7ebfbb7 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsdefinitions.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsdefinitions.rs @@ -693,8 +693,31 @@ pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAffinityPreferredDuring #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -718,6 +741,7 @@ pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAffinityPreferredDuring } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -790,8 +814,31 @@ pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAffinityPreferredDuring #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -815,6 +862,7 @@ pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAffinityRequiredDuringS } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -918,8 +966,31 @@ pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAntiAffinityPreferredDu #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -943,6 +1014,7 @@ pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAntiAffinityPreferredDu } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1015,8 +1087,31 @@ pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAntiAffinityPreferredDu #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1040,6 +1135,7 @@ pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAntiAffinityRequiredDur } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1441,6 +1537,9 @@ pub struct OpsDefinitionActionsWorkloadPodSpecContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1493,6 +1592,13 @@ pub struct OpsDefinitionActionsWorkloadPodSpecContainersLifecyclePostStartHttpGe pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsDefinitionActionsWorkloadPodSpecContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1524,6 +1630,9 @@ pub struct OpsDefinitionActionsWorkloadPodSpecContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -1576,6 +1685,13 @@ pub struct OpsDefinitionActionsWorkloadPodSpecContainersLifecyclePreStopHttpGetH pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsDefinitionActionsWorkloadPodSpecContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -2600,6 +2716,9 @@ pub struct OpsDefinitionActionsWorkloadPodSpecEphemeralContainersLifecyclePostSt /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -2652,6 +2771,13 @@ pub struct OpsDefinitionActionsWorkloadPodSpecEphemeralContainersLifecyclePostSt pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsDefinitionActionsWorkloadPodSpecEphemeralContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -2683,6 +2809,9 @@ pub struct OpsDefinitionActionsWorkloadPodSpecEphemeralContainersLifecyclePreSto /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -2735,6 +2864,13 @@ pub struct OpsDefinitionActionsWorkloadPodSpecEphemeralContainersLifecyclePreSto pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsDefinitionActionsWorkloadPodSpecEphemeralContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -3754,6 +3890,9 @@ pub struct OpsDefinitionActionsWorkloadPodSpecInitContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -3806,6 +3945,13 @@ pub struct OpsDefinitionActionsWorkloadPodSpecInitContainersLifecyclePostStartHt pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsDefinitionActionsWorkloadPodSpecInitContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -3837,6 +3983,9 @@ pub struct OpsDefinitionActionsWorkloadPodSpecInitContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -3889,6 +4038,13 @@ pub struct OpsDefinitionActionsWorkloadPodSpecInitContainersLifecyclePreStopHttp pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsDefinitionActionsWorkloadPodSpecInitContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -5643,6 +5799,20 @@ pub struct OpsDefinitionActionsWorkloadPodSpecVolumesEphemeralVolumeClaimTemplat /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -5721,17 +5891,6 @@ pub struct OpsDefinitionActionsWorkloadPodSpecVolumesEphemeralVolumeClaimTemplat /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5744,15 +5903,6 @@ pub struct OpsDefinitionActionsWorkloadPodSpecVolumesEphemeralVolumeClaimTemplat pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OpsDefinitionActionsWorkloadPodSpecVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -6087,6 +6237,24 @@ pub struct OpsDefinitionActionsWorkloadPodSpecVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -6101,6 +6269,83 @@ pub struct OpsDefinitionActionsWorkloadPodSpecVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsDefinitionActionsWorkloadPodSpecVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsDefinitionActionsWorkloadPodSpecVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsDefinitionActionsWorkloadPodSpecVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsDefinitionActionsWorkloadPodSpecVolumesProjectedSourcesConfigMap { diff --git a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsrequests.rs b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsrequests.rs index bcf96256f..fcd37fc8c 100644 --- a/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsrequests.rs +++ b/kube-custom-resources-rs/src/apps_kubeblocks_io/v1alpha1/opsrequests.rs @@ -47,6 +47,9 @@ pub struct OpsRequestSpec { /// Specifies a custom operation defined by OpsDefinition. #[serde(default, skip_serializing_if = "Option::is_none")] pub custom: Option, + /// Indicates whether opsRequest should continue to queue when 'force' is set to true. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "enqueueOnForce")] + pub enqueue_on_force: Option, /// Lists Expose objects, each specifying a Component and its services to be exposed. #[serde(default, skip_serializing_if = "Option::is_none")] pub expose: Option>, @@ -455,7 +458,7 @@ pub struct OpsRequestExposeServicesPorts { /// /// /// * Kubernetes-defined prefixed names: - /// * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 + /// * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- /// * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 /// * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 /// @@ -1002,8 +1005,31 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffini #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1027,6 +1053,7 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffini } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1099,8 +1126,31 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffini #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1124,6 +1174,7 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffini } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1227,8 +1278,31 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffini #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1252,6 +1326,7 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffini } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1324,8 +1399,31 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffini #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1349,6 +1447,7 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffini } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1648,17 +1747,6 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumeClaimTemplatesSp /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1671,15 +1759,6 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumeClaimTemplatesSp pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumeMounts { @@ -2353,6 +2432,20 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesEphemeralVolume /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -2431,17 +2524,6 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesEphemeralVolume /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2454,15 +2536,6 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesEphemeralVolume pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -2797,6 +2870,24 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -2811,6 +2902,83 @@ pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesProjectedSource pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestHorizontalScalingScaleOutNewInstancesVolumesProjectedSourcesConfigMap { @@ -4057,10 +4225,6 @@ pub struct OpsRequestStatusComponents { /// Provides an explanation for the Component being in its current state. #[serde(default, skip_serializing_if = "Option::is_none")] pub reason: Option, - /// Records the workload type of Component in ClusterDefinition. - /// Deprecated and should be removed in the future version. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "workloadType")] - pub workload_type: Option, } /// Records the status information of Components changed due to the OpsRequest. @@ -4147,15 +4311,6 @@ pub enum OpsRequestStatusComponentsProgressDetailsStatus { Succeed, } -/// Records the status information of Components changed due to the OpsRequest. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum OpsRequestStatusComponentsWorkloadType { - Stateless, - Stateful, - Consensus, - Replication, -} - /// Records the configuration prior to any changes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfiguration { @@ -4645,8 +4800,31 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyA #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -4670,6 +4848,7 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyA } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4742,8 +4921,31 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyA #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -4767,6 +4969,7 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyA } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4870,8 +5073,31 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyA #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -4895,6 +5121,7 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyA } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4967,8 +5194,31 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyA #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -4992,6 +5242,7 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyA } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -5291,17 +5542,6 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumeClaimTempla /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -5314,15 +5554,6 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumeClaimTempla pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumeMounts { @@ -5996,6 +6227,20 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesEphemeralV /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -6074,17 +6319,6 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesEphemeralV /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -6097,15 +6331,6 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesEphemeralV pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -6440,6 +6665,24 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesProjected /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -6454,6 +6697,83 @@ pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesProjectedS pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct OpsRequestStatusLastConfigurationComponentsInstancesVolumesProjectedSourcesConfigMap { diff --git a/kube-custom-resources-rs/src/camel_apache_org/v1/builds.rs b/kube-custom-resources-rs/src/camel_apache_org/v1/builds.rs index 3f97c0f62..32a28aab7 100644 --- a/kube-custom-resources-rs/src/camel_apache_org/v1/builds.rs +++ b/kube-custom-resources-rs/src/camel_apache_org/v1/builds.rs @@ -11,7 +11,8 @@ mod prelude { } use self::prelude::*; -/// BuildSpec defines the list of tasks to be execute for a Build. From Camel K version 2, it would be more appropriate to think it as pipeline. +/// BuildSpec defines the list of tasks to be execute for a Build. From Camel K version 2, it would be more appropriate +/// to think it as pipeline. #[derive(CustomResource, Serialize, Deserialize, Clone, Debug, Default, PartialEq)] #[kube(group = "camel.apache.org", version = "v1", kind = "Build", plural = "builds")] #[kube(namespaced)] @@ -20,27 +21,35 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct BuildSpec { - /// The configuration that should be used to perform the Build. Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility + /// The configuration that should be used to perform the Build. + /// Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility #[serde(default, skip_serializing_if = "Option::is_none")] pub configuration: Option, - /// the maximum amount of parallel running builds started by this operator instance Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility + /// the maximum amount of parallel running builds started by this operator instance + /// Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxRunningBuilds")] pub max_running_builds: Option, - /// The namespace where to run the builder Pod (must be the same of the operator in charge of this Build reconciliation). Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility + /// The namespace where to run the builder Pod (must be the same of the operator in charge of this Build reconciliation). + /// Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility #[serde(default, skip_serializing_if = "Option::is_none", rename = "operatorNamespace")] pub operator_namespace: Option, /// The sequence of tasks (pipeline) to be performed. #[serde(default, skip_serializing_if = "Option::is_none")] pub tasks: Option>, - /// Timeout defines the Build maximum execution duration. The Build deadline is set to the Build start time plus the Timeout duration. If the Build deadline is exceeded, the Build context is canceled, and its phase set to BuildPhaseFailed. + /// Timeout defines the Build maximum execution duration. + /// The Build deadline is set to the Build start time plus the Timeout duration. + /// If the Build deadline is exceeded, the Build context is canceled, + /// and its phase set to BuildPhaseFailed. #[serde(default, skip_serializing_if = "Option::is_none")] pub timeout: Option, - /// The container image to be used to run the build. Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility + /// The container image to be used to run the build. + /// Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility #[serde(default, skip_serializing_if = "Option::is_none", rename = "toolImage")] pub tool_image: Option, } -/// The configuration that should be used to perform the Build. Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility +/// The configuration that should be used to perform the Build. +/// Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildConfiguration { /// Annotation to use for the builder pod. Only used for `pod` strategy @@ -78,7 +87,8 @@ pub struct BuildConfiguration { pub tool_image: Option, } -/// The configuration that should be used to perform the Build. Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility +/// The configuration that should be used to perform the Build. +/// Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum BuildConfigurationOrderStrategy { #[serde(rename = "dependencies")] @@ -89,7 +99,8 @@ pub enum BuildConfigurationOrderStrategy { Sequential, } -/// The configuration that should be used to perform the Build. Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility +/// The configuration that should be used to perform the Build. +/// Deprecated: no longer in use in Camel K 2 - maintained for backward compatibility #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum BuildConfigurationStrategy { #[serde(rename = "routine")] @@ -101,7 +112,8 @@ pub enum BuildConfigurationStrategy { /// Task represents the abstract task. Only one of the task should be configured to represent the specific task chosen. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasks { - /// a BuildahTask, for Buildah strategy Deprecated: use jib, s2i or a custom publishing strategy instead + /// a BuildahTask, for Buildah strategy + /// Deprecated: use jib, s2i or a custom publishing strategy instead #[serde(default, skip_serializing_if = "Option::is_none")] pub buildah: Option, /// a BuilderTask, used to generate and build the project @@ -113,21 +125,25 @@ pub struct BuildTasks { /// a JibTask, for Jib strategy #[serde(default, skip_serializing_if = "Option::is_none")] pub jib: Option, - /// a KanikoTask, for Kaniko strategy Deprecated: use jib, s2i or a custom publishing strategy instead + /// a KanikoTask, for Kaniko strategy + /// Deprecated: use jib, s2i or a custom publishing strategy instead #[serde(default, skip_serializing_if = "Option::is_none")] pub kaniko: Option, - /// Application pre publishing a PackageTask, used to package the project + /// Application pre publishing + /// a PackageTask, used to package the project #[serde(default, skip_serializing_if = "Option::is_none")] pub package: Option, /// a S2iTask, for S2I strategy #[serde(default, skip_serializing_if = "Option::is_none")] pub s2i: Option, - /// a SpectrumTask, for Spectrum strategy Deprecated: use jib, s2i or a custom publishing strategy instead + /// a SpectrumTask, for Spectrum strategy + /// Deprecated: use jib, s2i or a custom publishing strategy instead #[serde(default, skip_serializing_if = "Option::is_none")] pub spectrum: Option, } -/// a BuildahTask, for Buildah strategy Deprecated: use jib, s2i or a custom publishing strategy instead +/// a BuildahTask, for Buildah strategy +/// Deprecated: use jib, s2i or a custom publishing strategy instead #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksBuildah { /// base image layer @@ -330,19 +346,28 @@ pub enum BuildTasksBuilderConfigurationStrategy { /// the configuration required by Maven for the application build phase #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksBuilderMaven { - /// The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore. + /// The Secrets name and key, containing the CA certificate(s) used to connect + /// to remote Maven repositories. + /// It can contain X.509 certificates, and PKCS#7 formatted certificate chains. + /// A JKS formatted keystore is automatically created to store the CA certificate(s), + /// and configured to be used as a trusted certificate(s) by the Maven commands. + /// Note that the root CA certificates are also imported into the created keystore. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caSecrets")] pub ca_secrets: Option>, - /// The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html. + /// The CLI options that are appended to the list of arguments for Maven commands, + /// e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. + /// See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cliOptions")] pub cli_options: Option>, - /// The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html. + /// The Maven build extensions. + /// See https://maven.apache.org/guides/mini/guide-using-extensions.html. #[serde(default, skip_serializing_if = "Option::is_none")] pub extension: Option>, /// The path of the local Maven repository. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localRepository")] pub local_repository: Option, - /// A reference to the ConfigMap or Secret key that contains the Maven profile. + /// A reference to the ConfigMap or Secret key that contains + /// the Maven profile. #[serde(default, skip_serializing_if = "Option::is_none")] pub profiles: Option>, /// The Maven properties. @@ -354,10 +379,12 @@ pub struct BuildTasksBuilderMaven { /// Servers (auth) #[serde(default, skip_serializing_if = "Option::is_none")] pub servers: Option>, - /// A reference to the ConfigMap or Secret key that contains the Maven settings. + /// A reference to the ConfigMap or Secret key that contains + /// the Maven settings. #[serde(default, skip_serializing_if = "Option::is_none")] pub settings: Option, - /// A reference to the ConfigMap or Secret key that contains the security of the Maven settings. + /// A reference to the ConfigMap or Secret key that contains + /// the security of the Maven settings. #[serde(default, skip_serializing_if = "Option::is_none", rename = "settingsSecurity")] pub settings_security: Option, } @@ -367,7 +394,9 @@ pub struct BuildTasksBuilderMaven { pub struct BuildTasksBuilderMavenCaSecrets { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -411,7 +440,9 @@ pub struct BuildTasksBuilderMavenProfiles { pub struct BuildTasksBuilderMavenProfilesConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -424,7 +455,9 @@ pub struct BuildTasksBuilderMavenProfilesConfigMapKeyRef { pub struct BuildTasksBuilderMavenProfilesSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -453,12 +486,15 @@ pub struct BuildTasksBuilderMavenRepositories { /// can use stable releases #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksBuilderMavenRepositoriesReleases { - /// When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. + /// When Maven deploys files to the repository, it also deploys corresponding checksum files. + /// Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. #[serde(default, skip_serializing_if = "Option::is_none", rename = "checksumPolicy")] pub checksum_policy: Option, /// is the policy activated or not pub enabled: bool, - /// This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` + /// This element specifies how often updates should attempt to occur. + /// Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. + /// The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatePolicy")] pub update_policy: Option, } @@ -466,12 +502,15 @@ pub struct BuildTasksBuilderMavenRepositoriesReleases { /// can use snapshot #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksBuilderMavenRepositoriesSnapshots { - /// When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. + /// When Maven deploys files to the repository, it also deploys corresponding checksum files. + /// Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. #[serde(default, skip_serializing_if = "Option::is_none", rename = "checksumPolicy")] pub checksum_policy: Option, /// is the policy activated or not pub enabled: bool, - /// This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` + /// This element specifies how often updates should attempt to occur. + /// Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. + /// The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatePolicy")] pub update_policy: Option, } @@ -490,7 +529,8 @@ pub struct BuildTasksBuilderMavenServers { pub username: Option, } -/// A reference to the ConfigMap or Secret key that contains the Maven settings. +/// A reference to the ConfigMap or Secret key that contains +/// the Maven settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksBuilderMavenSettings { /// Selects a key of a ConfigMap. @@ -506,7 +546,9 @@ pub struct BuildTasksBuilderMavenSettings { pub struct BuildTasksBuilderMavenSettingsConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -519,7 +561,9 @@ pub struct BuildTasksBuilderMavenSettingsConfigMapKeyRef { pub struct BuildTasksBuilderMavenSettingsSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -527,7 +571,8 @@ pub struct BuildTasksBuilderMavenSettingsSecretKeyRef { pub optional: Option, } -/// A reference to the ConfigMap or Secret key that contains the security of the Maven settings. +/// A reference to the ConfigMap or Secret key that contains +/// the security of the Maven settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksBuilderMavenSettingsSecurity { /// Selects a key of a ConfigMap. @@ -543,7 +588,9 @@ pub struct BuildTasksBuilderMavenSettingsSecurity { pub struct BuildTasksBuilderMavenSettingsSecurityConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -556,7 +603,9 @@ pub struct BuildTasksBuilderMavenSettingsSecurityConfigMapKeyRef { pub struct BuildTasksBuilderMavenSettingsSecuritySecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -678,13 +727,15 @@ pub struct BuildTasksBuilderSources { /// True if the spec is generated from a Kamelet #[serde(default, skip_serializing_if = "Option::is_none", rename = "from-kamelet")] pub from_kamelet: Option, - /// Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources + /// Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + /// uses to pre/post process sources #[serde(default, skip_serializing_if = "Option::is_none")] pub interceptors: Option>, /// specify which is the language (Camel DSL) used to interpret this source code #[serde(default, skip_serializing_if = "Option::is_none")] pub language: Option, - /// Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime + /// Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + /// interpret this source at runtime #[serde(default, skip_serializing_if = "Option::is_none")] pub loader: Option, /// the name of the specification @@ -707,7 +758,8 @@ pub struct BuildTasksBuilderSources { /// User customizable task execution. These are executed after the build and before the package task. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksCustom { - /// the command to execute Deprecated: use ContainerCommands + /// the command to execute + /// Deprecated: use ContainerCommands #[serde(default, skip_serializing_if = "Option::is_none")] pub command: Option, /// the command to execute @@ -889,7 +941,8 @@ pub struct BuildTasksJibRegistry { pub secret: Option, } -/// a KanikoTask, for Kaniko strategy Deprecated: use jib, s2i or a custom publishing strategy instead +/// a KanikoTask, for Kaniko strategy +/// Deprecated: use jib, s2i or a custom publishing strategy instead #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksKaniko { /// base image layer @@ -1010,7 +1063,8 @@ pub struct BuildTasksKanikoRegistry { pub secret: Option, } -/// Application pre publishing a PackageTask, used to package the project +/// Application pre publishing +/// a PackageTask, used to package the project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksPackage { /// the base image layer @@ -1103,19 +1157,28 @@ pub enum BuildTasksPackageConfigurationStrategy { /// the configuration required by Maven for the application build phase #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksPackageMaven { - /// The Secrets name and key, containing the CA certificate(s) used to connect to remote Maven repositories. It can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. Note that the root CA certificates are also imported into the created keystore. + /// The Secrets name and key, containing the CA certificate(s) used to connect + /// to remote Maven repositories. + /// It can contain X.509 certificates, and PKCS#7 formatted certificate chains. + /// A JKS formatted keystore is automatically created to store the CA certificate(s), + /// and configured to be used as a trusted certificate(s) by the Maven commands. + /// Note that the root CA certificates are also imported into the created keystore. #[serde(default, skip_serializing_if = "Option::is_none", rename = "caSecrets")] pub ca_secrets: Option>, - /// The CLI options that are appended to the list of arguments for Maven commands, e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html. + /// The CLI options that are appended to the list of arguments for Maven commands, + /// e.g., `-V,--no-transfer-progress,-Dstyle.color=never`. + /// See https://maven.apache.org/ref/3.8.4/maven-embedder/cli.html. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cliOptions")] pub cli_options: Option>, - /// The Maven build extensions. See https://maven.apache.org/guides/mini/guide-using-extensions.html. + /// The Maven build extensions. + /// See https://maven.apache.org/guides/mini/guide-using-extensions.html. #[serde(default, skip_serializing_if = "Option::is_none")] pub extension: Option>, /// The path of the local Maven repository. #[serde(default, skip_serializing_if = "Option::is_none", rename = "localRepository")] pub local_repository: Option, - /// A reference to the ConfigMap or Secret key that contains the Maven profile. + /// A reference to the ConfigMap or Secret key that contains + /// the Maven profile. #[serde(default, skip_serializing_if = "Option::is_none")] pub profiles: Option>, /// The Maven properties. @@ -1127,10 +1190,12 @@ pub struct BuildTasksPackageMaven { /// Servers (auth) #[serde(default, skip_serializing_if = "Option::is_none")] pub servers: Option>, - /// A reference to the ConfigMap or Secret key that contains the Maven settings. + /// A reference to the ConfigMap or Secret key that contains + /// the Maven settings. #[serde(default, skip_serializing_if = "Option::is_none")] pub settings: Option, - /// A reference to the ConfigMap or Secret key that contains the security of the Maven settings. + /// A reference to the ConfigMap or Secret key that contains + /// the security of the Maven settings. #[serde(default, skip_serializing_if = "Option::is_none", rename = "settingsSecurity")] pub settings_security: Option, } @@ -1140,7 +1205,9 @@ pub struct BuildTasksPackageMaven { pub struct BuildTasksPackageMavenCaSecrets { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1184,7 +1251,9 @@ pub struct BuildTasksPackageMavenProfiles { pub struct BuildTasksPackageMavenProfilesConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1197,7 +1266,9 @@ pub struct BuildTasksPackageMavenProfilesConfigMapKeyRef { pub struct BuildTasksPackageMavenProfilesSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1226,12 +1297,15 @@ pub struct BuildTasksPackageMavenRepositories { /// can use stable releases #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksPackageMavenRepositoriesReleases { - /// When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. + /// When Maven deploys files to the repository, it also deploys corresponding checksum files. + /// Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. #[serde(default, skip_serializing_if = "Option::is_none", rename = "checksumPolicy")] pub checksum_policy: Option, /// is the policy activated or not pub enabled: bool, - /// This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` + /// This element specifies how often updates should attempt to occur. + /// Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. + /// The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatePolicy")] pub update_policy: Option, } @@ -1239,12 +1313,15 @@ pub struct BuildTasksPackageMavenRepositoriesReleases { /// can use snapshot #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksPackageMavenRepositoriesSnapshots { - /// When Maven deploys files to the repository, it also deploys corresponding checksum files. Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. + /// When Maven deploys files to the repository, it also deploys corresponding checksum files. + /// Your options are to `ignore`, `fail`, or `warn` on missing or incorrect checksums. #[serde(default, skip_serializing_if = "Option::is_none", rename = "checksumPolicy")] pub checksum_policy: Option, /// is the policy activated or not pub enabled: bool, - /// This element specifies how often updates should attempt to occur. Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` + /// This element specifies how often updates should attempt to occur. + /// Maven will compare the local POM's timestamp (stored in a repository's maven-metadata file) to the remote. + /// The choices are: `always`, `daily` (default), `interval:X` (where X is an integer in minutes) or `never` #[serde(default, skip_serializing_if = "Option::is_none", rename = "updatePolicy")] pub update_policy: Option, } @@ -1263,7 +1340,8 @@ pub struct BuildTasksPackageMavenServers { pub username: Option, } -/// A reference to the ConfigMap or Secret key that contains the Maven settings. +/// A reference to the ConfigMap or Secret key that contains +/// the Maven settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksPackageMavenSettings { /// Selects a key of a ConfigMap. @@ -1279,7 +1357,9 @@ pub struct BuildTasksPackageMavenSettings { pub struct BuildTasksPackageMavenSettingsConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1292,7 +1372,9 @@ pub struct BuildTasksPackageMavenSettingsConfigMapKeyRef { pub struct BuildTasksPackageMavenSettingsSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1300,7 +1382,8 @@ pub struct BuildTasksPackageMavenSettingsSecretKeyRef { pub optional: Option, } -/// A reference to the ConfigMap or Secret key that contains the security of the Maven settings. +/// A reference to the ConfigMap or Secret key that contains +/// the security of the Maven settings. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksPackageMavenSettingsSecurity { /// Selects a key of a ConfigMap. @@ -1316,7 +1399,9 @@ pub struct BuildTasksPackageMavenSettingsSecurity { pub struct BuildTasksPackageMavenSettingsSecurityConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1329,7 +1414,9 @@ pub struct BuildTasksPackageMavenSettingsSecurityConfigMapKeyRef { pub struct BuildTasksPackageMavenSettingsSecuritySecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1451,13 +1538,15 @@ pub struct BuildTasksPackageSources { /// True if the spec is generated from a Kamelet #[serde(default, skip_serializing_if = "Option::is_none", rename = "from-kamelet")] pub from_kamelet: Option, - /// Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources + /// Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + /// uses to pre/post process sources #[serde(default, skip_serializing_if = "Option::is_none")] pub interceptors: Option>, /// specify which is the language (Camel DSL) used to interpret this source code #[serde(default, skip_serializing_if = "Option::is_none")] pub language: Option, - /// Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime + /// Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + /// interpret this source at runtime #[serde(default, skip_serializing_if = "Option::is_none")] pub loader: Option, /// the name of the specification @@ -1581,7 +1670,8 @@ pub struct BuildTasksS2iRegistry { pub secret: Option, } -/// a SpectrumTask, for Spectrum strategy Deprecated: use jib, s2i or a custom publishing strategy instead +/// a SpectrumTask, for Spectrum strategy +/// Deprecated: use jib, s2i or a custom publishing strategy instead #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BuildTasksSpectrum { /// base image layer @@ -1697,7 +1787,9 @@ pub struct BuildStatus { /// the digest from image #[serde(default, skip_serializing_if = "Option::is_none")] pub digest: Option, - /// how long it took for the build Change to Duration / ISO 8601 when CRD uses OpenAPI spec v3 https://github.com/OAI/OpenAPI-Specification/issues/845 + /// how long it took for the build + /// Change to Duration / ISO 8601 when CRD uses OpenAPI spec v3 + /// https://github.com/OAI/OpenAPI-Specification/issues/845 #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, /// the error description (if any) diff --git a/kube-custom-resources-rs/src/camel_apache_org/v1/kamelets.rs b/kube-custom-resources-rs/src/camel_apache_org/v1/kamelets.rs index 2295806af..1042a0142 100644 --- a/kube-custom-resources-rs/src/camel_apache_org/v1/kamelets.rs +++ b/kube-custom-resources-rs/src/camel_apache_org/v1/kamelets.rs @@ -35,7 +35,8 @@ pub struct KameletSpec { /// the main source in YAML DSL #[serde(default, skip_serializing_if = "Option::is_none")] pub template: Option>, - /// data specification types for the events consumed/produced by the Kamelet Deprecated: In favor of using DataTypes + /// data specification types for the events consumed/produced by the Kamelet + /// Deprecated: In favor of using DataTypes #[serde(default, skip_serializing_if = "Option::is_none")] pub types: Option>, } @@ -118,7 +119,8 @@ pub struct KameletDataTypesTypesSchema { pub schema: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, /// ExternalDocumentation allows referencing an external resource for extended documentation. @@ -156,15 +158,41 @@ pub struct KameletDataTypesTypesSchemaProperties { pub description: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enum")] pub r#enum: Option>>, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMaximum")] pub exclusive_maximum: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMinimum")] pub exclusive_minimum: Option, - /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: - /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10 number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" - byte: base64 encoded binary data - password: any kind of string - date: a date string like "2006-01-02" as defined by full-date in RFC3339 - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + /// + /// + /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + /// - uri: an URI as parsed by Golang net/url.ParseRequestURI + /// - email: an email address as parsed by Golang net/mail.ParseAddress + /// - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + /// - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + /// - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + /// - cidr: a CIDR as parsed by Golang net.ParseCIDR + /// - mac: a MAC address as parsed by Golang net.ParseMAC + /// - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + /// - isbn10: an ISBN10 number string like "0321751043" + /// - isbn13: an ISBN13 number string like "978-0321751041" + /// - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + /// - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + /// - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + /// - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + /// - byte: base64 encoded binary data + /// - password: any kind of string + /// - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + /// - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + /// - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. #[serde(default, skip_serializing_if = "Option::is_none")] pub format: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -213,7 +241,8 @@ pub struct KameletDefinition { pub schema: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, /// ExternalDocumentation allows referencing an external resource for extended documentation. @@ -251,15 +280,41 @@ pub struct KameletDefinitionProperties { pub description: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enum")] pub r#enum: Option>>, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMaximum")] pub exclusive_maximum: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMinimum")] pub exclusive_minimum: Option, - /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: - /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10 number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" - byte: base64 encoded binary data - password: any kind of string - date: a date string like "2006-01-02" as defined by full-date in RFC3339 - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + /// + /// + /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + /// - uri: an URI as parsed by Golang net/url.ParseRequestURI + /// - email: an email address as parsed by Golang net/mail.ParseAddress + /// - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + /// - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + /// - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + /// - cidr: a CIDR as parsed by Golang net.ParseCIDR + /// - mac: a MAC address as parsed by Golang net.ParseMAC + /// - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + /// - isbn10: an ISBN10 number string like "0321751043" + /// - isbn13: an ISBN13 number string like "978-0321751041" + /// - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + /// - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + /// - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + /// - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + /// - byte: base64 encoded binary data + /// - password: any kind of string + /// - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + /// - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + /// - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. #[serde(default, skip_serializing_if = "Option::is_none")] pub format: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -321,13 +376,15 @@ pub struct KameletSources { /// True if the spec is generated from a Kamelet #[serde(default, skip_serializing_if = "Option::is_none", rename = "from-kamelet")] pub from_kamelet: Option, - /// Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources + /// Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + /// uses to pre/post process sources #[serde(default, skip_serializing_if = "Option::is_none")] pub interceptors: Option>, /// specify which is the language (Camel DSL) used to interpret this source code #[serde(default, skip_serializing_if = "Option::is_none")] pub language: Option, - /// Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime + /// Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + /// interpret this source at runtime #[serde(default, skip_serializing_if = "Option::is_none")] pub loader: Option, /// the name of the specification @@ -347,7 +404,8 @@ pub struct KameletSources { pub r#type: Option, } -/// data specification types for the events consumed/produced by the Kamelet Deprecated: In favor of using DataTypes +/// data specification types for the events consumed/produced by the Kamelet +/// Deprecated: In favor of using DataTypes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KameletTypes { /// media type as expected for HTTP media types (ie, application/json) @@ -366,7 +424,8 @@ pub struct KameletTypesSchema { pub schema: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, /// ExternalDocumentation allows referencing an external resource for extended documentation. @@ -404,15 +463,41 @@ pub struct KameletTypesSchemaProperties { pub description: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enum")] pub r#enum: Option>>, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMaximum")] pub exclusive_maximum: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMinimum")] pub exclusive_minimum: Option, - /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: - /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10 number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" - byte: base64 encoded binary data - password: any kind of string - date: a date string like "2006-01-02" as defined by full-date in RFC3339 - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + /// + /// + /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + /// - uri: an URI as parsed by Golang net/url.ParseRequestURI + /// - email: an email address as parsed by Golang net/mail.ParseAddress + /// - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + /// - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + /// - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + /// - cidr: a CIDR as parsed by Golang net.ParseCIDR + /// - mac: a MAC address as parsed by Golang net.ParseMAC + /// - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + /// - isbn10: an ISBN10 number string like "0321751043" + /// - isbn13: an ISBN13 number string like "978-0321751041" + /// - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + /// - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + /// - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + /// - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + /// - byte: base64 encoded binary data + /// - password: any kind of string + /// - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + /// - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + /// - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. #[serde(default, skip_serializing_if = "Option::is_none")] pub format: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -453,7 +538,8 @@ pub struct KameletTypesSchemaProperties { pub x_descriptors: Option>, } -/// the actual status of the resource Deprecated no longer in use +/// the actual status of the resource +/// Deprecated no longer in use #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KameletStatus { /// Conditions -- diff --git a/kube-custom-resources-rs/src/camel_apache_org/v1alpha1/kamelets.rs b/kube-custom-resources-rs/src/camel_apache_org/v1alpha1/kamelets.rs index 5effc3cea..1779c36da 100644 --- a/kube-custom-resources-rs/src/camel_apache_org/v1alpha1/kamelets.rs +++ b/kube-custom-resources-rs/src/camel_apache_org/v1alpha1/kamelets.rs @@ -35,7 +35,8 @@ pub struct KameletSpec { /// the main source in YAML DSL #[serde(default, skip_serializing_if = "Option::is_none")] pub template: Option>, - /// data specification types for the events consumed/produced by the Kamelet Deprecated: In favor of using DataTypes + /// data specification types for the events consumed/produced by the Kamelet + /// Deprecated: In favor of using DataTypes #[serde(default, skip_serializing_if = "Option::is_none")] pub types: Option>, } @@ -118,7 +119,8 @@ pub struct KameletDataTypesTypesSchema { pub schema: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, /// ExternalDocumentation allows referencing an external resource for extended documentation. @@ -156,15 +158,41 @@ pub struct KameletDataTypesTypesSchemaProperties { pub description: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enum")] pub r#enum: Option>>, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMaximum")] pub exclusive_maximum: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMinimum")] pub exclusive_minimum: Option, - /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: - /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10 number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" - byte: base64 encoded binary data - password: any kind of string - date: a date string like "2006-01-02" as defined by full-date in RFC3339 - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + /// + /// + /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + /// - uri: an URI as parsed by Golang net/url.ParseRequestURI + /// - email: an email address as parsed by Golang net/mail.ParseAddress + /// - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + /// - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + /// - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + /// - cidr: a CIDR as parsed by Golang net.ParseCIDR + /// - mac: a MAC address as parsed by Golang net.ParseMAC + /// - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + /// - isbn10: an ISBN10 number string like "0321751043" + /// - isbn13: an ISBN13 number string like "978-0321751041" + /// - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + /// - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + /// - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + /// - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + /// - byte: base64 encoded binary data + /// - password: any kind of string + /// - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + /// - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + /// - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. #[serde(default, skip_serializing_if = "Option::is_none")] pub format: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -213,7 +241,8 @@ pub struct KameletDefinition { pub schema: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, /// ExternalDocumentation allows referencing an external resource for extended documentation. @@ -251,15 +280,41 @@ pub struct KameletDefinitionProperties { pub description: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enum")] pub r#enum: Option>>, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMaximum")] pub exclusive_maximum: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMinimum")] pub exclusive_minimum: Option, - /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: - /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10 number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" - byte: base64 encoded binary data - password: any kind of string - date: a date string like "2006-01-02" as defined by full-date in RFC3339 - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + /// + /// + /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + /// - uri: an URI as parsed by Golang net/url.ParseRequestURI + /// - email: an email address as parsed by Golang net/mail.ParseAddress + /// - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + /// - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + /// - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + /// - cidr: a CIDR as parsed by Golang net.ParseCIDR + /// - mac: a MAC address as parsed by Golang net.ParseMAC + /// - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + /// - isbn10: an ISBN10 number string like "0321751043" + /// - isbn13: an ISBN13 number string like "978-0321751041" + /// - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + /// - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + /// - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + /// - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + /// - byte: base64 encoded binary data + /// - password: any kind of string + /// - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + /// - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + /// - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. #[serde(default, skip_serializing_if = "Option::is_none")] pub format: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -321,13 +376,15 @@ pub struct KameletSources { /// True if the spec is generated from a Kamelet #[serde(default, skip_serializing_if = "Option::is_none", rename = "from-kamelet")] pub from_kamelet: Option, - /// Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader uses to pre/post process sources + /// Interceptors are optional identifiers the org.apache.camel.k.RoutesLoader + /// uses to pre/post process sources #[serde(default, skip_serializing_if = "Option::is_none")] pub interceptors: Option>, /// specify which is the language (Camel DSL) used to interpret this source code #[serde(default, skip_serializing_if = "Option::is_none")] pub language: Option, - /// Loader is an optional id of the org.apache.camel.k.RoutesLoader that will interpret this source at runtime + /// Loader is an optional id of the org.apache.camel.k.RoutesLoader that will + /// interpret this source at runtime #[serde(default, skip_serializing_if = "Option::is_none")] pub loader: Option, /// the name of the specification @@ -347,7 +404,8 @@ pub struct KameletSources { pub r#type: Option, } -/// data specification types for the events consumed/produced by the Kamelet Deprecated: In favor of using DataTypes +/// data specification types for the events consumed/produced by the Kamelet +/// Deprecated: In favor of using DataTypes #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct KameletTypes { /// media type as expected for HTTP media types (ie, application/json) @@ -366,7 +424,8 @@ pub struct KameletTypesSchema { pub schema: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub description: Option, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, /// ExternalDocumentation allows referencing an external resource for extended documentation. @@ -404,15 +463,41 @@ pub struct KameletTypesSchemaProperties { pub description: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "enum")] pub r#enum: Option>>, - /// JSON represents any valid JSON value. These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. + /// JSON represents any valid JSON value. + /// These types are supported: bool, int64, float64, string, []interface{}, map[string]interface{} and nil. #[serde(default, skip_serializing_if = "Option::is_none")] pub example: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMaximum")] pub exclusive_maximum: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "exclusiveMinimum")] pub exclusive_minimum: Option, - /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: - /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10 number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041" - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" - byte: base64 encoded binary data - password: any kind of string - date: a date string like "2006-01-02" as defined by full-date in RFC3339 - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. + /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats are validated: + /// + /// + /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string + /// - uri: an URI as parsed by Golang net/url.ParseRequestURI + /// - email: an email address as parsed by Golang net/mail.ParseAddress + /// - hostname: a valid representation for an Internet host name, as defined by RFC 1034, section 3.1 [RFC1034]. + /// - ipv4: an IPv4 IP as parsed by Golang net.ParseIP + /// - ipv6: an IPv6 IP as parsed by Golang net.ParseIP + /// - cidr: a CIDR as parsed by Golang net.ParseCIDR + /// - mac: a MAC address as parsed by Golang net.ParseMAC + /// - uuid: an UUID that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid3: an UUID3 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ + /// - uuid4: an UUID4 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - uuid5: an UUID5 that allows uppercase defined by the regex (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ + /// - isbn: an ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" + /// - isbn10: an ISBN10 number string like "0321751043" + /// - isbn13: an ISBN13 number string like "978-0321751041" + /// - creditcard: a credit card number defined by the regex ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\\d{3})\\d{11})$ with any non digit characters mixed in + /// - ssn: a U.S. social security number following the regex ^\\d{3}[- ]?\\d{2}[- ]?\\d{4}$ + /// - hexcolor: an hexadecimal color code like "#FFFFFF" following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ + /// - rgbcolor: an RGB color code like rgb like "rgb(255,255,255)" + /// - byte: base64 encoded binary data + /// - password: any kind of string + /// - date: a date string like "2006-01-02" as defined by full-date in RFC3339 + /// - duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or compatible with Scala duration format + /// - datetime: a date time string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339. #[serde(default, skip_serializing_if = "Option::is_none")] pub format: Option, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs index 67f22e057..97766d8e8 100644 --- a/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs +++ b/kube-custom-resources-rs/src/ceph_rook_io/v1/cephobjectstores.rs @@ -29,6 +29,9 @@ pub struct CephObjectStoreSpec { /// is being used to create buckets. The default is empty. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowUsersInNamespaces")] pub allow_users_in_namespaces: Option>, + /// The authentication configuration + #[serde(default, skip_serializing_if = "Option::is_none")] + pub auth: Option, /// The data pool settings #[serde(default, skip_serializing_if = "Option::is_none", rename = "dataPool")] pub data_pool: Option, @@ -49,6 +52,9 @@ pub struct CephObjectStoreSpec { /// Preserve pools on object store deletion #[serde(default, skip_serializing_if = "Option::is_none", rename = "preservePoolsOnDelete")] pub preserve_pools_on_delete: Option, + /// The protocol specification + #[serde(default, skip_serializing_if = "Option::is_none")] + pub protocols: Option, /// Security represents security settings #[serde(default, skip_serializing_if = "Option::is_none")] pub security: Option, @@ -60,6 +66,36 @@ pub struct CephObjectStoreSpec { pub zone: Option, } +/// The authentication configuration +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CephObjectStoreAuth { + /// The spec for Keystone + #[serde(default, skip_serializing_if = "Option::is_none")] + pub keystone: Option, +} + +/// The spec for Keystone +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CephObjectStoreAuthKeystone { + /// The roles requires to serve requests. + #[serde(rename = "acceptedRoles")] + pub accepted_roles: Vec, + /// Create new users in their own tenants of the same name. Possible values are true, false, swift and s3. The latter have the effect of splitting the identity space such that only the indicated protocol will use implicit tenants. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "implicitTenants")] + pub implicit_tenants: Option, + /// The number of seconds between token revocation checks. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "revocationInterval")] + pub revocation_interval: Option, + /// The name of the secret containing the credentials for the service user account used by RGW. It has to be in the same namespace as the object store resource. + #[serde(rename = "serviceUserSecretName")] + pub service_user_secret_name: String, + /// The maximum number of entries in each Keystone token cache. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tokenCacheSize")] + pub token_cache_size: Option, + /// The URL for the Keystone server. + pub url: String, +} + /// The data pool settings #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreDataPool { @@ -1201,6 +1237,42 @@ pub struct CephObjectStoreMetadataPoolStatusCheckMirror { pub timeout: Option, } +/// The protocol specification +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CephObjectStoreProtocols { + /// The spec for S3 + #[serde(default, skip_serializing_if = "Option::is_none")] + pub s3: Option, + /// The spec for Swift + #[serde(default, skip_serializing_if = "Option::is_none")] + pub swift: Option, +} + +/// The spec for S3 +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CephObjectStoreProtocolsS3 { + /// Whether to use Keystone for authentication. This option maps directly to the rgw_s3_auth_use_keystone option. Enabling it allows generating S3 credentials via an OpenStack API call, see the docs. If not given, the defaults of the corresponding RGW option apply. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "authUseKeystone")] + pub auth_use_keystone: Option, + /// Whether to enable S3. This defaults to true (even if protocols.s3 is not present in the CRD). This maintains backwards compatibility – by default S3 is enabled. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, +} + +/// The spec for Swift +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct CephObjectStoreProtocolsSwift { + /// Whether or not the Swift account name should be included in the Swift API URL. If set to false (the default), then the Swift API will listen on a URL formed like http://host:port//v1. If set to true, the Swift API URL will be http://host:port//v1/AUTH_. You must set this option to true (and update the Keystone service catalog) if you want radosgw to support publicly-readable containers and temporary URLs. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accountInUrl")] + pub account_in_url: Option, + /// The URL prefix for the Swift API, to distinguish it from the S3 API endpoint. The default is swift, which makes the Swift API available at the URL http://host:port/swift/v1 (or http://host:port/swift/v1/AUTH_%(tenant_id)s if rgw swift account in url is enabled). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlPrefix")] + pub url_prefix: Option, + /// Enables the Object Versioning of OpenStack Object Storage API. This allows clients to put the X-Versions-Location attribute on containers that should be versioned. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "versioningEnabled")] + pub versioning_enabled: Option, +} + /// Security represents security settings #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CephObjectStoreSecurity { diff --git a/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs b/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs index 67395fa41..1dd9dd77e 100644 --- a/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs +++ b/kube-custom-resources-rs/src/cert_manager_io/v1/clusterissuers.rs @@ -737,151 +737,1092 @@ pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoute { /// https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentRefs")] pub parent_refs: Option>, + /// Optional pod template used to configure the ACME challenge solver pods + /// used for HTTP01 challenges. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplate")] + pub pod_template: Option, /// Optional service type for Kubernetes solver service. Supported values /// are NodePort or ClusterIP. If unset, defaults to NodePort. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] pub service_type: Option, } -/// ParentReference identifies an API object (usually a Gateway) that can be considered -/// a parent of this resource (usually a route). There are two kinds of parent resources -/// with "Core" support: -/// -/// -/// * Gateway (Gateway conformance profile) -/// * Service (Mesh conformance profile, ClusterIP Services only) -/// -/// -/// This API may be extended in the future to support additional kinds of parent -/// resources. -/// -/// -/// The API object must be valid in the cluster; the Group and Kind must -/// be registered in the cluster for this reference to be valid. +/// ParentReference identifies an API object (usually a Gateway) that can be considered +/// a parent of this resource (usually a route). There are two kinds of parent resources +/// with "Core" support: +/// +/// +/// * Gateway (Gateway conformance profile) +/// * Service (Mesh conformance profile, ClusterIP Services only) +/// +/// +/// This API may be extended in the future to support additional kinds of parent +/// resources. +/// +/// +/// The API object must be valid in the cluster; the Group and Kind must +/// be registered in the cluster for this reference to be valid. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRouteParentRefs { + /// Group is the group of the referent. + /// When unspecified, "gateway.networking.k8s.io" is inferred. + /// To set the core API group (such as for a "Service" kind referent), + /// Group must be explicitly set to "" (empty string). + /// + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Kind is kind of the referent. + /// + /// + /// There are two kinds of parent resources with "Core" support: + /// + /// + /// * Gateway (Gateway conformance profile) + /// * Service (Mesh conformance profile, ClusterIP Services only) + /// + /// + /// Support for other resources is Implementation-Specific. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name is the name of the referent. + /// + /// + /// Support: Core + pub name: String, + /// Namespace is the namespace of the referent. When unspecified, this refers + /// to the local namespace of the Route. + /// + /// + /// Note that there are specific rules for ParentRefs which cross namespace + /// boundaries. Cross-namespace references are only valid if they are explicitly + /// allowed by something in the namespace they are referring to. For example: + /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a + /// generic way to enable any other kind of cross-namespace reference. + /// + /// + /// + /// ParentRefs from a Route to a Service in the same namespace are "producer" + /// routes, which apply default routing rules to inbound connections from + /// any namespace to the Service. + /// + /// + /// ParentRefs from a Route to a Service in a different namespace are + /// "consumer" routes, and these routing rules are only applied to outbound + /// connections originating from the same namespace as the Route, for which + /// the intended destination of the connections are a Service targeted as a + /// ParentRef of the Route. + /// + /// + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Port is the network port this Route targets. It can be interpreted + /// differently based on the type of parent resource. + /// + /// + /// When the parent resource is a Gateway, this targets all listeners + /// listening on the specified port that also support this kind of Route(and + /// select this Route). It's not recommended to set `Port` unless the + /// networking behaviors specified in a Route must apply to a specific port + /// as opposed to a listener(s) whose port(s) may be changed. When both Port + /// and SectionName are specified, the name and port of the selected listener + /// must match both specified values. + /// + /// + /// + /// When the parent resource is a Service, this targets a specific port in the + /// Service spec. When both Port (experimental) and SectionName are specified, + /// the name and port of the selected port must match both specified values. + /// + /// + /// + /// Implementations MAY choose to support other parent resources. + /// Implementations supporting other types of parent resources MUST clearly + /// document how/if Port is interpreted. + /// + /// + /// For the purpose of status, an attachment is considered successful as + /// long as the parent resource accepts it partially. For example, Gateway + /// listeners can restrict which Routes can attach to them by Route kind, + /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment + /// from the referencing Route, the Route MUST be considered successfully + /// attached. If no Gateway listeners accept attachment from this Route, + /// the Route MUST be considered detached from the Gateway. + /// + /// + /// Support: Extended + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// SectionName is the name of a section within the target resource. In the + /// following resources, SectionName is interpreted as the following: + /// + /// + /// * Gateway: Listener name. When both Port (experimental) and SectionName + /// are specified, the name and port of the selected listener must match + /// both specified values. + /// * Service: Port name. When both Port (experimental) and SectionName + /// are specified, the name and port of the selected listener must match + /// both specified values. + /// + /// + /// Implementations MAY choose to support attaching Routes to other resources. + /// If that is the case, they MUST clearly document how SectionName is + /// interpreted. + /// + /// + /// When unspecified (empty string), this will reference the entire resource. + /// For the purpose of status, an attachment is considered successful if at + /// least one section in the parent resource accepts it. For example, Gateway + /// listeners can restrict which Routes can attach to them by Route kind, + /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from + /// the referencing Route, the Route MUST be considered successfully + /// attached. If no Gateway listeners accept attachment from this Route, the + /// Route MUST be considered detached from the Gateway. + /// + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")] + pub section_name: Option, +} + +/// Optional pod template used to configure the ACME challenge solver pods +/// used for HTTP01 challenges. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplate { + /// ObjectMeta overrides for the pod used to solve HTTP01 challenges. + /// Only the 'labels' and 'annotations' fields may be set. + /// If labels or annotations overlap with in-built values, the values here + /// will override the in-built values. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metadata: Option, + /// PodSpec defines overrides for the HTTP01 challenge solver pod. + /// Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. + /// All other fields will be ignored. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spec: Option, +} + +/// ObjectMeta overrides for the pod used to solve HTTP01 challenges. +/// Only the 'labels' and 'annotations' fields may be set. +/// If labels or annotations overlap with in-built values, the values here +/// will override the in-built values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateMetadata { + /// Annotations that should be added to the create ACME HTTP01 solver pods. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Labels that should be added to the created ACME HTTP01 solver pods. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, +} + +/// PodSpec defines overrides for the HTTP01 challenge solver pod. +/// Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. +/// All other fields will be ignored. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpec { + /// If specified, the pod's scheduling constraints + #[serde(default, skip_serializing_if = "Option::is_none")] + pub affinity: Option, + /// If specified, the pod's imagePullSecrets + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, + /// NodeSelector is a selector which must be true for the pod to fit on a node. + /// Selector which must match a node's labels for the pod to be scheduled on that node. + /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// If specified, the pod's priorityClassName. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] + pub priority_class_name: Option, + /// If specified, the pod's security context + #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] + pub security_context: Option, + /// If specified, the pod's service account + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] + pub service_account_name: Option, + /// If specified, the pod's tolerations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, +} + +/// If specified, the pod's scheduling constraints +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, +} + +/// Describes node affinity scheduling rules for the pod. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, +} + +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, +} + +/// A node selector term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, +} + +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRouteParentRefs { - /// Group is the group of the referent. - /// When unspecified, "gateway.networking.k8s.io" is inferred. - /// To set the core API group (such as for a "Service" kind referent), - /// Group must be explicitly set to "" (empty string). - /// - /// - /// Support: Core +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub group: Option, - /// Kind is kind of the referent. - /// - /// - /// There are two kinds of parent resources with "Core" support: + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecImagePullSecrets { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// If specified, the pod's security context +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: /// /// - /// * Gateway (Gateway conformance profile) - /// * Service (Mesh conformance profile, ClusterIP Services only) + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- /// /// - /// Support for other resources is Implementation-Specific. + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] + pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] + pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] + pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] + pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] + pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] + pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] + pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] + pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sysctls: Option>, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, - /// Name is the name of the referent. + pub role: Option, + /// Type is a SELinux type label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, + /// User is a SELinux user label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, +} + +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: /// /// - /// Support: Core + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, +} + +/// Sysctl defines a kernel parameter to be set +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecSecurityContextSysctls { + /// Name of a property to set pub name: String, - /// Namespace is the namespace of the referent. When unspecified, this refers - /// to the local namespace of the Route. - /// - /// - /// Note that there are specific rules for ParentRefs which cross namespace - /// boundaries. Cross-namespace references are only valid if they are explicitly - /// allowed by something in the namespace they are referring to. For example: - /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a - /// generic way to enable any other kind of cross-namespace reference. - /// - /// - /// - /// ParentRefs from a Route to a Service in the same namespace are "producer" - /// routes, which apply default routing rules to inbound connections from - /// any namespace to the Service. - /// - /// - /// ParentRefs from a Route to a Service in a different namespace are - /// "consumer" routes, and these routing rules are only applied to outbound - /// connections originating from the same namespace as the Route, for which - /// the intended destination of the connections are a Service targeted as a - /// ParentRef of the Route. - /// - /// - /// - /// Support: Core + /// Value of a property to set + pub value: String, +} + +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, - /// Port is the network port this Route targets. It can be interpreted - /// differently based on the type of parent resource. - /// - /// - /// When the parent resource is a Gateway, this targets all listeners - /// listening on the specified port that also support this kind of Route(and - /// select this Route). It's not recommended to set `Port` unless the - /// networking behaviors specified in a Route must apply to a specific port - /// as opposed to a listener(s) whose port(s) may be changed. When both Port - /// and SectionName are specified, the name and port of the selected listener - /// must match both specified values. - /// - /// - /// - /// When the parent resource is a Service, this targets a specific port in the - /// Service spec. When both Port (experimental) and SectionName are specified, - /// the name and port of the selected port must match both specified values. - /// - /// - /// - /// Implementations MAY choose to support other parent resources. - /// Implementations supporting other types of parent resources MUST clearly - /// document how/if Port is interpreted. - /// - /// - /// For the purpose of status, an attachment is considered successful as - /// long as the parent resource accepts it partially. For example, Gateway - /// listeners can restrict which Routes can attach to them by Route kind, - /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - /// from the referencing Route, the Route MUST be considered successfully - /// attached. If no Gateway listeners accept attachment from this Route, - /// the Route MUST be considered detached from the Gateway. - /// - /// - /// Support: Extended + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, - /// SectionName is the name of a section within the target resource. In the - /// following resources, SectionName is interpreted as the following: - /// - /// - /// * Gateway: Listener name. When both Port (experimental) and SectionName - /// are specified, the name and port of the selected listener must match - /// both specified values. - /// * Service: Port name. When both Port (experimental) and SectionName - /// are specified, the name and port of the selected listener must match - /// both specified values. - /// - /// - /// Implementations MAY choose to support attaching Routes to other resources. - /// If that is the case, they MUST clearly document how SectionName is - /// interpreted. - /// - /// - /// When unspecified (empty string), this will reference the entire resource. - /// For the purpose of status, an attachment is considered successful if at - /// least one section in the parent resource accepts it. For example, Gateway - /// listeners can restrict which Routes can attach to them by Route kind, - /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - /// the referencing Route, the Route MUST be considered successfully - /// attached. If no Gateway listeners accept attachment from this Route, the - /// Route MUST be considered detached from the Gateway. - /// - /// - /// Support: Core - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")] - pub section_name: Option, + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, } /// The ingress based HTTP01 challenge solver will solve challenges by @@ -1000,6 +1941,9 @@ pub struct ClusterIssuerAcmeSolversHttp01IngressPodTemplateSpec { /// If specified, the pod's priorityClassName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, + /// If specified, the pod's security context + #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] + pub security_context: Option, /// If specified, the pod's service account #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, @@ -1724,6 +2668,136 @@ pub struct ClusterIssuerAcmeSolversHttp01IngressPodTemplateSpecImagePullSecrets pub name: Option, } +/// If specified, the pod's security context +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01IngressPodTemplateSpecSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] + pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] + pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] + pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] + pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] + pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] + pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] + pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] + pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sysctls: Option>, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01IngressPodTemplateSpecSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub level: Option, + /// Role is a SELinux role label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub role: Option, + /// Type is a SELinux type label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, + /// User is a SELinux user label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, +} + +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01IngressPodTemplateSpecSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, +} + +/// Sysctl defines a kernel parameter to be set +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterIssuerAcmeSolversHttp01IngressPodTemplateSpecSecurityContextSysctls { + /// Name of a property to set + pub name: String, + /// Value of a property to set + pub value: String, +} + /// The pod this Toleration is attached to tolerates any taint that matches /// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs b/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs index 3cdc57104..58d21cc23 100644 --- a/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs +++ b/kube-custom-resources-rs/src/cert_manager_io/v1/issuers.rs @@ -738,151 +738,1092 @@ pub struct IssuerAcmeSolversHttp01GatewayHttpRoute { /// https://gateway-api.sigs.k8s.io/api-types/httproute/#attaching-to-gateways #[serde(default, skip_serializing_if = "Option::is_none", rename = "parentRefs")] pub parent_refs: Option>, + /// Optional pod template used to configure the ACME challenge solver pods + /// used for HTTP01 challenges. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podTemplate")] + pub pod_template: Option, /// Optional service type for Kubernetes solver service. Supported values /// are NodePort or ClusterIP. If unset, defaults to NodePort. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceType")] pub service_type: Option, } -/// ParentReference identifies an API object (usually a Gateway) that can be considered -/// a parent of this resource (usually a route). There are two kinds of parent resources -/// with "Core" support: -/// -/// -/// * Gateway (Gateway conformance profile) -/// * Service (Mesh conformance profile, ClusterIP Services only) -/// -/// -/// This API may be extended in the future to support additional kinds of parent -/// resources. -/// -/// -/// The API object must be valid in the cluster; the Group and Kind must -/// be registered in the cluster for this reference to be valid. +/// ParentReference identifies an API object (usually a Gateway) that can be considered +/// a parent of this resource (usually a route). There are two kinds of parent resources +/// with "Core" support: +/// +/// +/// * Gateway (Gateway conformance profile) +/// * Service (Mesh conformance profile, ClusterIP Services only) +/// +/// +/// This API may be extended in the future to support additional kinds of parent +/// resources. +/// +/// +/// The API object must be valid in the cluster; the Group and Kind must +/// be registered in the cluster for this reference to be valid. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRouteParentRefs { + /// Group is the group of the referent. + /// When unspecified, "gateway.networking.k8s.io" is inferred. + /// To set the core API group (such as for a "Service" kind referent), + /// Group must be explicitly set to "" (empty string). + /// + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none")] + pub group: Option, + /// Kind is kind of the referent. + /// + /// + /// There are two kinds of parent resources with "Core" support: + /// + /// + /// * Gateway (Gateway conformance profile) + /// * Service (Mesh conformance profile, ClusterIP Services only) + /// + /// + /// Support for other resources is Implementation-Specific. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub kind: Option, + /// Name is the name of the referent. + /// + /// + /// Support: Core + pub name: String, + /// Namespace is the namespace of the referent. When unspecified, this refers + /// to the local namespace of the Route. + /// + /// + /// Note that there are specific rules for ParentRefs which cross namespace + /// boundaries. Cross-namespace references are only valid if they are explicitly + /// allowed by something in the namespace they are referring to. For example: + /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a + /// generic way to enable any other kind of cross-namespace reference. + /// + /// + /// + /// ParentRefs from a Route to a Service in the same namespace are "producer" + /// routes, which apply default routing rules to inbound connections from + /// any namespace to the Service. + /// + /// + /// ParentRefs from a Route to a Service in a different namespace are + /// "consumer" routes, and these routing rules are only applied to outbound + /// connections originating from the same namespace as the Route, for which + /// the intended destination of the connections are a Service targeted as a + /// ParentRef of the Route. + /// + /// + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + /// Port is the network port this Route targets. It can be interpreted + /// differently based on the type of parent resource. + /// + /// + /// When the parent resource is a Gateway, this targets all listeners + /// listening on the specified port that also support this kind of Route(and + /// select this Route). It's not recommended to set `Port` unless the + /// networking behaviors specified in a Route must apply to a specific port + /// as opposed to a listener(s) whose port(s) may be changed. When both Port + /// and SectionName are specified, the name and port of the selected listener + /// must match both specified values. + /// + /// + /// + /// When the parent resource is a Service, this targets a specific port in the + /// Service spec. When both Port (experimental) and SectionName are specified, + /// the name and port of the selected port must match both specified values. + /// + /// + /// + /// Implementations MAY choose to support other parent resources. + /// Implementations supporting other types of parent resources MUST clearly + /// document how/if Port is interpreted. + /// + /// + /// For the purpose of status, an attachment is considered successful as + /// long as the parent resource accepts it partially. For example, Gateway + /// listeners can restrict which Routes can attach to them by Route kind, + /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment + /// from the referencing Route, the Route MUST be considered successfully + /// attached. If no Gateway listeners accept attachment from this Route, + /// the Route MUST be considered detached from the Gateway. + /// + /// + /// Support: Extended + #[serde(default, skip_serializing_if = "Option::is_none")] + pub port: Option, + /// SectionName is the name of a section within the target resource. In the + /// following resources, SectionName is interpreted as the following: + /// + /// + /// * Gateway: Listener name. When both Port (experimental) and SectionName + /// are specified, the name and port of the selected listener must match + /// both specified values. + /// * Service: Port name. When both Port (experimental) and SectionName + /// are specified, the name and port of the selected listener must match + /// both specified values. + /// + /// + /// Implementations MAY choose to support attaching Routes to other resources. + /// If that is the case, they MUST clearly document how SectionName is + /// interpreted. + /// + /// + /// When unspecified (empty string), this will reference the entire resource. + /// For the purpose of status, an attachment is considered successful if at + /// least one section in the parent resource accepts it. For example, Gateway + /// listeners can restrict which Routes can attach to them by Route kind, + /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from + /// the referencing Route, the Route MUST be considered successfully + /// attached. If no Gateway listeners accept attachment from this Route, the + /// Route MUST be considered detached from the Gateway. + /// + /// + /// Support: Core + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")] + pub section_name: Option, +} + +/// Optional pod template used to configure the ACME challenge solver pods +/// used for HTTP01 challenges. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplate { + /// ObjectMeta overrides for the pod used to solve HTTP01 challenges. + /// Only the 'labels' and 'annotations' fields may be set. + /// If labels or annotations overlap with in-built values, the values here + /// will override the in-built values. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub metadata: Option, + /// PodSpec defines overrides for the HTTP01 challenge solver pod. + /// Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. + /// All other fields will be ignored. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub spec: Option, +} + +/// ObjectMeta overrides for the pod used to solve HTTP01 challenges. +/// Only the 'labels' and 'annotations' fields may be set. +/// If labels or annotations overlap with in-built values, the values here +/// will override the in-built values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateMetadata { + /// Annotations that should be added to the create ACME HTTP01 solver pods. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub annotations: Option>, + /// Labels that should be added to the created ACME HTTP01 solver pods. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub labels: Option>, +} + +/// PodSpec defines overrides for the HTTP01 challenge solver pod. +/// Check ACMEChallengeSolverHTTP01IngressPodSpec to find out currently supported fields. +/// All other fields will be ignored. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpec { + /// If specified, the pod's scheduling constraints + #[serde(default, skip_serializing_if = "Option::is_none")] + pub affinity: Option, + /// If specified, the pod's imagePullSecrets + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, + /// NodeSelector is a selector which must be true for the pod to fit on a node. + /// Selector which must match a node's labels for the pod to be scheduled on that node. + /// More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/ + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeSelector")] + pub node_selector: Option>, + /// If specified, the pod's priorityClassName. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] + pub priority_class_name: Option, + /// If specified, the pod's security context + #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] + pub security_context: Option, + /// If specified, the pod's service account + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] + pub service_account_name: Option, + /// If specified, the pod's tolerations. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tolerations: Option>, +} + +/// If specified, the pod's scheduling constraints +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinity { + /// Describes node affinity scheduling rules for the pod. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeAffinity")] + pub node_affinity: Option, + /// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAffinity")] + pub pod_affinity: Option, + /// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "podAntiAffinity")] + pub pod_anti_affinity: Option, +} + +/// Describes node affinity scheduling rules for the pod. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node matches the corresponding matchExpressions; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to an update), the system + /// may or may not try to eventually evict the pod from its node. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option, +} + +/// An empty preferred scheduling term matches all objects with implicit weight 0 +/// (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// A node selector term, associated with the corresponding weight. + pub preference: IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference, + /// Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. + pub weight: i32, +} + +/// A node selector term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreference { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityPreferredDuringSchedulingIgnoredDuringExecutionPreferenceMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// If the affinity requirements specified by this field are not met at +/// scheduling time, the pod will not be scheduled onto the node. +/// If the affinity requirements specified by this field cease to be met +/// at some point during pod execution (e.g. due to an update), the system +/// may or may not try to eventually evict the pod from its node. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// Required. A list of node selector terms. The terms are ORed. + #[serde(rename = "nodeSelectorTerms")] + pub node_selector_terms: Vec, +} + +/// A null or empty node selector term matches no objects. The requirements of +/// them are ANDed. +/// The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTerms { + /// A list of node selector requirements by node's labels. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// A list of node selector requirements by node's fields. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchFields")] + pub match_fields: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchExpressions { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A node selector requirement is a selector that contains values, a key, and an operator +/// that relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityNodeAffinityRequiredDuringSchedulingIgnoredDuringExecutionNodeSelectorTermsMatchFields { + /// The label key that the selector applies to. + pub key: String, + /// Represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. + pub operator: String, + /// An array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. If the operator is Gt or Lt, the values + /// array must have a single element, which will be interpreted as an integer. + /// This array is replaced during a strategic merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinity { + /// The scheduler will prefer to schedule pods to nodes that satisfy + /// the anti-affinity expressions specified by this field, but it may choose + /// a node that violates one or more of the expressions. The node that is + /// most preferred is the one with the greatest sum of weights, i.e. + /// for each node that meets all of the scheduling requirements (resource + /// request, requiredDuringScheduling anti-affinity expressions, etc.), + /// compute a sum by iterating through the elements of this field and adding + /// "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the + /// node(s) with the highest sum are the most preferred. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "preferredDuringSchedulingIgnoredDuringExecution")] + pub preferred_during_scheduling_ignored_during_execution: Option>, + /// If the anti-affinity requirements specified by this field are not met at + /// scheduling time, the pod will not be scheduled onto the node. + /// If the anti-affinity requirements specified by this field cease to be met + /// at some point during pod execution (e.g. due to a pod label update), the + /// system may or may not try to eventually evict the pod from its node. + /// When there are multiple elements, the lists of nodes corresponding to each + /// podAffinityTerm are intersected, i.e. all terms must be satisfied. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "requiredDuringSchedulingIgnoredDuringExecution")] + pub required_during_scheduling_ignored_during_execution: Option>, +} + +/// The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecution { + /// Required. A pod affinity term, associated with the corresponding weight. + #[serde(rename = "podAffinityTerm")] + pub pod_affinity_term: IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm, + /// weight associated with matching the corresponding podAffinityTerm, + /// in the range 1-100. + pub weight: i32, +} + +/// Required. A pod affinity term, associated with the corresponding weight. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// Defines a set of pods (namely those matching the labelSelector +/// relative to the given namespace(s)) that this pod should be +/// co-located (affinity) or not co-located (anti-affinity) with, +/// where co-located is defined as running on a node whose value of +/// the label with key matches that of any node on which +/// a pod of the set of pods is running +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { + /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, + /// A label query over the set of namespaces that the term applies to. + /// The term is applied to the union of the namespaces selected by this field + /// and the ones listed in the namespaces field. + /// null selector and null or empty namespaces list means "this pod's namespace". + /// An empty selector ({}) matches all namespaces. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "namespaceSelector")] + pub namespace_selector: Option, + /// namespaces specifies a static list of namespace names that the term applies to. + /// The term is applied to the union of the namespaces listed in this field + /// and the ones selected by namespaceSelector. + /// null or empty namespaces list and null namespaceSelector means "this pod's namespace". + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespaces: Option>, + /// This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching + /// the labelSelector in the specified namespaces, where co-located is defined as running on a node + /// whose value of the label with key topologyKey matches that of any node on which any of the + /// selected pods is running. + /// Empty topologyKey is not allowed. + #[serde(rename = "topologyKey")] + pub topology_key: String, +} + +/// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct IssuerAcmeSolversHttp01GatewayHttpRouteParentRefs { - /// Group is the group of the referent. - /// When unspecified, "gateway.networking.k8s.io" is inferred. - /// To set the core API group (such as for a "Service" kind referent), - /// Group must be explicitly set to "" (empty string). - /// - /// - /// Support: Core +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. #[serde(default, skip_serializing_if = "Option::is_none")] - pub group: Option, - /// Kind is kind of the referent. - /// - /// - /// There are two kinds of parent resources with "Core" support: + pub values: Option>, +} + +/// A label query over the set of namespaces that the term applies to. +/// The term is applied to the union of the namespaces selected by this field +/// and the ones listed in the namespaces field. +/// null selector and null or empty namespaces list means "this pod's namespace". +/// An empty selector ({}) matches all namespaces. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionNamespaceSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecImagePullSecrets { + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + +/// If specified, the pod's security context +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: /// /// - /// * Gateway (Gateway conformance profile) - /// * Service (Mesh conformance profile, ClusterIP Services only) + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- /// /// - /// Support for other resources is Implementation-Specific. + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] + pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] + pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] + pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] + pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] + pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] + pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] + pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] + pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sysctls: Option>, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub level: Option, + /// Role is a SELinux role label that applies to the container. #[serde(default, skip_serializing_if = "Option::is_none")] - pub kind: Option, - /// Name is the name of the referent. + pub role: Option, + /// Type is a SELinux type label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, + /// User is a SELinux user label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, +} + +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: /// /// - /// Support: Core + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, +} + +/// Sysctl defines a kernel parameter to be set +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecSecurityContextSysctls { + /// Name of a property to set pub name: String, - /// Namespace is the namespace of the referent. When unspecified, this refers - /// to the local namespace of the Route. - /// - /// - /// Note that there are specific rules for ParentRefs which cross namespace - /// boundaries. Cross-namespace references are only valid if they are explicitly - /// allowed by something in the namespace they are referring to. For example: - /// Gateway has the AllowedRoutes field, and ReferenceGrant provides a - /// generic way to enable any other kind of cross-namespace reference. - /// - /// - /// - /// ParentRefs from a Route to a Service in the same namespace are "producer" - /// routes, which apply default routing rules to inbound connections from - /// any namespace to the Service. - /// - /// - /// ParentRefs from a Route to a Service in a different namespace are - /// "consumer" routes, and these routing rules are only applied to outbound - /// connections originating from the same namespace as the Route, for which - /// the intended destination of the connections are a Service targeted as a - /// ParentRef of the Route. - /// - /// - /// - /// Support: Core + /// Value of a property to set + pub value: String, +} + +/// The pod this Toleration is attached to tolerates any taint that matches +/// the triple using the matching operator . +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01GatewayHttpRoutePodTemplateSpecTolerations { + /// Effect indicates the taint effect to match. Empty means match all taint effects. + /// When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. #[serde(default, skip_serializing_if = "Option::is_none")] - pub namespace: Option, - /// Port is the network port this Route targets. It can be interpreted - /// differently based on the type of parent resource. - /// - /// - /// When the parent resource is a Gateway, this targets all listeners - /// listening on the specified port that also support this kind of Route(and - /// select this Route). It's not recommended to set `Port` unless the - /// networking behaviors specified in a Route must apply to a specific port - /// as opposed to a listener(s) whose port(s) may be changed. When both Port - /// and SectionName are specified, the name and port of the selected listener - /// must match both specified values. - /// - /// - /// - /// When the parent resource is a Service, this targets a specific port in the - /// Service spec. When both Port (experimental) and SectionName are specified, - /// the name and port of the selected port must match both specified values. - /// - /// - /// - /// Implementations MAY choose to support other parent resources. - /// Implementations supporting other types of parent resources MUST clearly - /// document how/if Port is interpreted. - /// - /// - /// For the purpose of status, an attachment is considered successful as - /// long as the parent resource accepts it partially. For example, Gateway - /// listeners can restrict which Routes can attach to them by Route kind, - /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment - /// from the referencing Route, the Route MUST be considered successfully - /// attached. If no Gateway listeners accept attachment from this Route, - /// the Route MUST be considered detached from the Gateway. - /// - /// - /// Support: Extended + pub effect: Option, + /// Key is the taint key that the toleration applies to. Empty means match all taint keys. + /// If the key is empty, operator must be Exists; this combination means to match all values and all keys. #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, - /// SectionName is the name of a section within the target resource. In the - /// following resources, SectionName is interpreted as the following: - /// - /// - /// * Gateway: Listener name. When both Port (experimental) and SectionName - /// are specified, the name and port of the selected listener must match - /// both specified values. - /// * Service: Port name. When both Port (experimental) and SectionName - /// are specified, the name and port of the selected listener must match - /// both specified values. - /// - /// - /// Implementations MAY choose to support attaching Routes to other resources. - /// If that is the case, they MUST clearly document how SectionName is - /// interpreted. - /// - /// - /// When unspecified (empty string), this will reference the entire resource. - /// For the purpose of status, an attachment is considered successful if at - /// least one section in the parent resource accepts it. For example, Gateway - /// listeners can restrict which Routes can attach to them by Route kind, - /// namespace, or hostname. If 1 of 2 Gateway listeners accept attachment from - /// the referencing Route, the Route MUST be considered successfully - /// attached. If no Gateway listeners accept attachment from this Route, the - /// Route MUST be considered detached from the Gateway. - /// - /// - /// Support: Core - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sectionName")] - pub section_name: Option, + pub key: Option, + /// Operator represents a key's relationship to the value. + /// Valid operators are Exists and Equal. Defaults to Equal. + /// Exists is equivalent to wildcard for value, so that a pod can + /// tolerate all taints of a particular category. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub operator: Option, + /// TolerationSeconds represents the period of time the toleration (which must be + /// of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, + /// it is not set, which means tolerate the taint forever (do not evict). Zero and + /// negative values will be treated as 0 (evict immediately) by the system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tolerationSeconds")] + pub toleration_seconds: Option, + /// Value is the taint value the toleration matches to. + /// If the operator is Exists, the value should be empty, otherwise just a regular string. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, } /// The ingress based HTTP01 challenge solver will solve challenges by @@ -1001,6 +1942,9 @@ pub struct IssuerAcmeSolversHttp01IngressPodTemplateSpec { /// If specified, the pod's priorityClassName. #[serde(default, skip_serializing_if = "Option::is_none", rename = "priorityClassName")] pub priority_class_name: Option, + /// If specified, the pod's security context + #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] + pub security_context: Option, /// If specified, the pod's service account #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, @@ -1725,6 +2669,136 @@ pub struct IssuerAcmeSolversHttp01IngressPodTemplateSpecImagePullSecrets { pub name: Option, } +/// If specified, the pod's security context +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01IngressPodTemplateSpecSecurityContext { + /// A special supplemental group that applies to all containers in a pod. + /// Some volume types allow the Kubelet to change the ownership of that volume + /// to be owned by the pod: + /// + /// + /// 1. The owning GID will be the FSGroup + /// 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) + /// 3. The permission bits are OR'd with rw-rw---- + /// + /// + /// If unset, the Kubelet will not modify the ownership and permissions of any volume. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroup")] + pub fs_group: Option, + /// fsGroupChangePolicy defines behavior of changing ownership and permission of the volume + /// before being exposed inside Pod. This field will only apply to + /// volume types which support fsGroup based ownership(and permissions). + /// It will have no effect on ephemeral volume types such as: secret, configmaps + /// and emptydir. + /// Valid values are "OnRootMismatch" and "Always". If not specified, "Always" is used. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fsGroupChangePolicy")] + pub fs_group_change_policy: Option, + /// The GID to run the entrypoint of the container process. + /// Uses runtime default if unset. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsGroup")] + pub run_as_group: Option, + /// Indicates that the container must run as a non-root user. + /// If true, the Kubelet will validate the image at runtime to ensure that it + /// does not run as UID 0 (root) and fail to start the container if it does. + /// If unset or false, no such validation will be performed. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsNonRoot")] + pub run_as_non_root: Option, + /// The UID to run the entrypoint of the container process. + /// Defaults to user specified in image metadata if unspecified. + /// May also be set in SecurityContext. If set in both SecurityContext and + /// PodSecurityContext, the value specified in SecurityContext takes precedence + /// for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "runAsUser")] + pub run_as_user: Option, + /// The SELinux context to be applied to all containers. + /// If unspecified, the container runtime will allocate a random SELinux context for each + /// container. May also be set in SecurityContext. If set in + /// both SecurityContext and PodSecurityContext, the value specified in SecurityContext + /// takes precedence for that container. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seLinuxOptions")] + pub se_linux_options: Option, + /// The seccomp options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "seccompProfile")] + pub seccomp_profile: Option, + /// A list of groups applied to the first process run in each container, in addition + /// to the container's primary GID, the fsGroup (if specified), and group memberships + /// defined in the container image for the uid of the container process. If unspecified, + /// no additional groups are added to any container. Note that group memberships + /// defined in the container image for the uid of the container process are still effective, + /// even if they are not included in this list. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "supplementalGroups")] + pub supplemental_groups: Option>, + /// Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported + /// sysctls (by the container runtime) might fail to launch. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sysctls: Option>, +} + +/// The SELinux context to be applied to all containers. +/// If unspecified, the container runtime will allocate a random SELinux context for each +/// container. May also be set in SecurityContext. If set in +/// both SecurityContext and PodSecurityContext, the value specified in SecurityContext +/// takes precedence for that container. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01IngressPodTemplateSpecSecurityContextSeLinuxOptions { + /// Level is SELinux level label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub level: Option, + /// Role is a SELinux role label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub role: Option, + /// Type is a SELinux type label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] + pub r#type: Option, + /// User is a SELinux user label that applies to the container. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub user: Option, +} + +/// The seccomp options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01IngressPodTemplateSpecSecurityContextSeccompProfile { + /// localhostProfile indicates a profile defined in a file on the node should be used. + /// The profile must be preconfigured on the node to work. + /// Must be a descending path, relative to the kubelet's configured seccomp profile location. + /// Must be set if type is "Localhost". Must NOT be set for any other type. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of seccomp profile will be applied. + /// Valid options are: + /// + /// + /// Localhost - a profile defined in a file on the node should be used. + /// RuntimeDefault - the container runtime default profile should be used. + /// Unconfined - no profile should be applied. + #[serde(rename = "type")] + pub r#type: String, +} + +/// Sysctl defines a kernel parameter to be set +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct IssuerAcmeSolversHttp01IngressPodTemplateSpecSecurityContextSysctls { + /// Name of a property to set + pub name: String, + /// Value of a property to set + pub value: String, +} + /// The pod this Toleration is attached to tolerates any taint that matches /// the triple using the matching operator . #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/distributions.rs b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/distributions.rs index 07e116ff3..e19258294 100644 --- a/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/distributions.rs +++ b/kube-custom-resources-rs/src/cloudfront_services_k8s_aws/v1alpha1/distributions.rs @@ -1237,6 +1237,8 @@ pub struct DistributionDistributionConfigViewerCertificateAcmCertificateRef { pub struct DistributionDistributionConfigViewerCertificateAcmCertificateRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// DistributionStatus defines the observed state of Distribution diff --git a/kube-custom-resources-rs/src/cloudwatchlogs_services_k8s_aws/v1alpha1/loggroups.rs b/kube-custom-resources-rs/src/cloudwatchlogs_services_k8s_aws/v1alpha1/loggroups.rs index 84221fecd..cabc7c833 100644 --- a/kube-custom-resources-rs/src/cloudwatchlogs_services_k8s_aws/v1alpha1/loggroups.rs +++ b/kube-custom-resources-rs/src/cloudwatchlogs_services_k8s_aws/v1alpha1/loggroups.rs @@ -79,6 +79,8 @@ pub struct LogGroupKmsKeyRef { pub struct LogGroupKmsKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/data_fluid_io/v1alpha1/alluxioruntimes.rs b/kube-custom-resources-rs/src/data_fluid_io/v1alpha1/alluxioruntimes.rs index 10899724a..3e332e7cb 100644 --- a/kube-custom-resources-rs/src/data_fluid_io/v1alpha1/alluxioruntimes.rs +++ b/kube-custom-resources-rs/src/data_fluid_io/v1alpha1/alluxioruntimes.rs @@ -43,6 +43,9 @@ pub struct AlluxioRuntimeSpec { /// of the file as the value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hadoopConfig")] pub hadoop_config: Option, + /// ImagePullSecrets that will be used to pull images + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, /// The spec of init users #[serde(default, skip_serializing_if = "Option::is_none", rename = "initUsers")] pub init_users: Option, @@ -108,6 +111,9 @@ pub struct AlluxioRuntimeApiGateway { /// Environment variables that will be used by Alluxio component.
#[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// ImagePullSecrets that will be used to pull images + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, /// Options for JVM #[serde(default, skip_serializing_if = "Option::is_none", rename = "jvmOptions")] pub jvm_options: Option>, @@ -143,6 +149,17 @@ pub struct AlluxioRuntimeApiGateway { pub volume_mounts: Option>, } +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlluxioRuntimeApiGatewayImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// The component spec of Alluxio API Gateway #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AlluxioRuntimeApiGatewayNetworkMode { @@ -265,6 +282,9 @@ pub struct AlluxioRuntimeFuse { /// One of the three policies: `Always`, `IfNotPresent`, `Never` #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullPolicy")] pub image_pull_policy: Option, + /// ImagePullSecrets that will be used to pull images + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, /// Image Tag for Alluxio Fuse(e.g. 2.3.0-SNAPSHOT) #[serde(default, skip_serializing_if = "Option::is_none", rename = "imageTag")] pub image_tag: Option, @@ -296,6 +316,17 @@ pub struct AlluxioRuntimeFuse { pub volume_mounts: Option>, } +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlluxioRuntimeFuseImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// The component spec of Alluxio Fuse #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AlluxioRuntimeFuseNetworkMode { @@ -385,6 +416,17 @@ pub struct AlluxioRuntimeFuseVolumeMounts { pub sub_path_expr: Option, } +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlluxioRuntimeImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// The spec of init users #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlluxioRuntimeInitUsers { @@ -455,6 +497,9 @@ pub struct AlluxioRuntimeJobMaster { /// Environment variables that will be used by Alluxio component.
#[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// ImagePullSecrets that will be used to pull images + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, /// Options for JVM #[serde(default, skip_serializing_if = "Option::is_none", rename = "jvmOptions")] pub jvm_options: Option>, @@ -490,6 +535,17 @@ pub struct AlluxioRuntimeJobMaster { pub volume_mounts: Option>, } +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlluxioRuntimeJobMasterImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// The component spec of Alluxio job master #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AlluxioRuntimeJobMasterNetworkMode { @@ -588,6 +644,9 @@ pub struct AlluxioRuntimeJobWorker { /// Environment variables that will be used by Alluxio component.
#[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// ImagePullSecrets that will be used to pull images + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, /// Options for JVM #[serde(default, skip_serializing_if = "Option::is_none", rename = "jvmOptions")] pub jvm_options: Option>, @@ -623,6 +682,17 @@ pub struct AlluxioRuntimeJobWorker { pub volume_mounts: Option>, } +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlluxioRuntimeJobWorkerImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// The component spec of Alluxio job Worker #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AlluxioRuntimeJobWorkerNetworkMode { @@ -759,6 +829,9 @@ pub struct AlluxioRuntimeMaster { /// Environment variables that will be used by Alluxio component.
#[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// ImagePullSecrets that will be used to pull images + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, /// Options for JVM #[serde(default, skip_serializing_if = "Option::is_none", rename = "jvmOptions")] pub jvm_options: Option>, @@ -794,6 +867,17 @@ pub struct AlluxioRuntimeMaster { pub volume_mounts: Option>, } +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlluxioRuntimeMasterImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// The component spec of Alluxio master #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AlluxioRuntimeMasterNetworkMode { @@ -4156,6 +4240,9 @@ pub struct AlluxioRuntimeWorker { /// Environment variables that will be used by Alluxio component.
#[serde(default, skip_serializing_if = "Option::is_none")] pub env: Option>, + /// ImagePullSecrets that will be used to pull images + #[serde(default, skip_serializing_if = "Option::is_none", rename = "imagePullSecrets")] + pub image_pull_secrets: Option>, /// Options for JVM #[serde(default, skip_serializing_if = "Option::is_none", rename = "jvmOptions")] pub jvm_options: Option>, @@ -4191,6 +4278,17 @@ pub struct AlluxioRuntimeWorker { pub volume_mounts: Option>, } +/// LocalObjectReference contains enough information to let you locate the +/// referenced object inside the same namespace. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlluxioRuntimeWorkerImagePullSecrets { + /// Name of the referent. + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Add other useful fields. apiVersion, kind, uid? + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, +} + /// The component spec of Alluxio worker #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum AlluxioRuntimeWorkerNetworkMode { diff --git a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backuppolicies.rs b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backuppolicies.rs index f606a145d..2505154a0 100644 --- a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backuppolicies.rs +++ b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backuppolicies.rs @@ -283,6 +283,10 @@ pub struct BackupPolicyBackupMethodsTargetConnectionCredential { /// Used to find the target pod. The volumes of the target pod will be backed up. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupPolicyBackupMethodsTargetPodSelector { + /// fallbackLabelSelector is used to filter available pods when the labelSelector fails. + /// This only takes effect when the `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackLabelSelector")] + pub fallback_label_selector: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, @@ -302,6 +306,37 @@ pub struct BackupPolicyBackupMethodsTargetPodSelector { pub strategy: Option, } +/// fallbackLabelSelector is used to filter available pods when the labelSelector fails. +/// This only takes effect when the `strategy` field below is set to `Any`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyBackupMethodsTargetPodSelectorFallbackLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyBackupMethodsTargetPodSelectorFallbackLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -464,6 +499,10 @@ pub struct BackupPolicyBackupMethodsTargetsConnectionCredential { /// Used to find the target pod. The volumes of the target pod will be backed up. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupPolicyBackupMethodsTargetsPodSelector { + /// fallbackLabelSelector is used to filter available pods when the labelSelector fails. + /// This only takes effect when the `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackLabelSelector")] + pub fallback_label_selector: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, @@ -483,6 +522,37 @@ pub struct BackupPolicyBackupMethodsTargetsPodSelector { pub strategy: Option, } +/// fallbackLabelSelector is used to filter available pods when the labelSelector fails. +/// This only takes effect when the `strategy` field below is set to `Any`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyBackupMethodsTargetsPodSelectorFallbackLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyBackupMethodsTargetsPodSelectorFallbackLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -649,6 +719,10 @@ pub struct BackupPolicyTargetConnectionCredential { /// Used to find the target pod. The volumes of the target pod will be backed up. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupPolicyTargetPodSelector { + /// fallbackLabelSelector is used to filter available pods when the labelSelector fails. + /// This only takes effect when the `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackLabelSelector")] + pub fallback_label_selector: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, @@ -668,6 +742,37 @@ pub struct BackupPolicyTargetPodSelector { pub strategy: Option, } +/// fallbackLabelSelector is used to filter available pods when the labelSelector fails. +/// This only takes effect when the `strategy` field below is set to `Any`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyTargetPodSelectorFallbackLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyTargetPodSelectorFallbackLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -787,6 +892,10 @@ pub struct BackupPolicyTargetsConnectionCredential { /// Used to find the target pod. The volumes of the target pod will be backed up. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupPolicyTargetsPodSelector { + /// fallbackLabelSelector is used to filter available pods when the labelSelector fails. + /// This only takes effect when the `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackLabelSelector")] + pub fallback_label_selector: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, @@ -806,6 +915,37 @@ pub struct BackupPolicyTargetsPodSelector { pub strategy: Option, } +/// fallbackLabelSelector is used to filter available pods when the labelSelector fails. +/// This only takes effect when the `strategy` field below is set to `Any`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyTargetsPodSelectorFallbackLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupPolicyTargetsPodSelectorFallbackLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backups.rs b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backups.rs index 41b5d6191..af7f5f06a 100644 --- a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backups.rs +++ b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/backups.rs @@ -474,6 +474,10 @@ pub struct BackupStatusBackupMethodTargetConnectionCredential { /// Used to find the target pod. The volumes of the target pod will be backed up. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStatusBackupMethodTargetPodSelector { + /// fallbackLabelSelector is used to filter available pods when the labelSelector fails. + /// This only takes effect when the `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackLabelSelector")] + pub fallback_label_selector: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, @@ -493,6 +497,37 @@ pub struct BackupStatusBackupMethodTargetPodSelector { pub strategy: Option, } +/// fallbackLabelSelector is used to filter available pods when the labelSelector fails. +/// This only takes effect when the `strategy` field below is set to `Any`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupStatusBackupMethodTargetPodSelectorFallbackLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupStatusBackupMethodTargetPodSelectorFallbackLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -655,6 +690,10 @@ pub struct BackupStatusBackupMethodTargetsConnectionCredential { /// Used to find the target pod. The volumes of the target pod will be backed up. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStatusBackupMethodTargetsPodSelector { + /// fallbackLabelSelector is used to filter available pods when the labelSelector fails. + /// This only takes effect when the `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackLabelSelector")] + pub fallback_label_selector: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, @@ -674,6 +713,37 @@ pub struct BackupStatusBackupMethodTargetsPodSelector { pub strategy: Option, } +/// fallbackLabelSelector is used to filter available pods when the labelSelector fails. +/// This only takes effect when the `strategy` field below is set to `Any`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupStatusBackupMethodTargetsPodSelectorFallbackLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupStatusBackupMethodTargetsPodSelectorFallbackLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -851,6 +921,10 @@ pub struct BackupStatusTargetConnectionCredential { /// Used to find the target pod. The volumes of the target pod will be backed up. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStatusTargetPodSelector { + /// fallbackLabelSelector is used to filter available pods when the labelSelector fails. + /// This only takes effect when the `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackLabelSelector")] + pub fallback_label_selector: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, @@ -870,6 +944,37 @@ pub struct BackupStatusTargetPodSelector { pub strategy: Option, } +/// fallbackLabelSelector is used to filter available pods when the labelSelector fails. +/// This only takes effect when the `strategy` field below is set to `Any`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupStatusTargetPodSelectorFallbackLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupStatusTargetPodSelectorFallbackLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -992,6 +1097,10 @@ pub struct BackupStatusTargetsConnectionCredential { /// Used to find the target pod. The volumes of the target pod will be backed up. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BackupStatusTargetsPodSelector { + /// fallbackLabelSelector is used to filter available pods when the labelSelector fails. + /// This only takes effect when the `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackLabelSelector")] + pub fallback_label_selector: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, @@ -1011,6 +1120,37 @@ pub struct BackupStatusTargetsPodSelector { pub strategy: Option, } +/// fallbackLabelSelector is used to filter available pods when the labelSelector fails. +/// This only takes effect when the `strategy` field below is set to `Any`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupStatusTargetsPodSelectorFallbackLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct BackupStatusTargetsPodSelectorFallbackLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/restores.rs b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/restores.rs index d7abb7c87..b6b438ca2 100644 --- a/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/restores.rs +++ b/kube-custom-resources-rs/src/dataprotection_kubeblocks_io/v1alpha1/restores.rs @@ -508,8 +508,31 @@ pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAffinityPreferredDur #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -533,6 +556,7 @@ pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAffinityPreferredDur } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -605,8 +629,31 @@ pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAffinityPreferredDur #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -630,6 +677,7 @@ pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAffinityRequiredDuri } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -733,8 +781,31 @@ pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAntiAffinityPreferre #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -758,6 +829,7 @@ pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAntiAffinityPreferre } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -830,8 +902,31 @@ pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAntiAffinityPreferre #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -855,6 +950,7 @@ pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAntiAffinityRequired } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigSchedulingSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1197,6 +1293,20 @@ pub struct RestorePrepareDataConfigVolumeClaimsVolumeClaimSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -1275,17 +1385,6 @@ pub struct RestorePrepareDataConfigVolumeClaimsVolumeClaimSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigVolumeClaimsVolumeClaimSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1298,15 +1397,6 @@ pub struct RestorePrepareDataConfigVolumeClaimsVolumeClaimSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct RestorePrepareDataConfigVolumeClaimsVolumeClaimSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigVolumeClaimsVolumeClaimSpecSelector { @@ -1441,6 +1531,20 @@ pub struct RestorePrepareDataConfigVolumeClaimsTemplateTemplatesVolumeClaimSpec /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -1519,17 +1623,6 @@ pub struct RestorePrepareDataConfigVolumeClaimsTemplateTemplatesVolumeClaimSpecD /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigVolumeClaimsTemplateTemplatesVolumeClaimSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1542,15 +1635,6 @@ pub struct RestorePrepareDataConfigVolumeClaimsTemplateTemplatesVolumeClaimSpecR pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct RestorePrepareDataConfigVolumeClaimsTemplateTemplatesVolumeClaimSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestorePrepareDataConfigVolumeClaimsTemplateTemplatesVolumeClaimSpecSelector { @@ -1723,6 +1807,10 @@ pub struct RestoreReadyConfigJobActionTarget { /// This includes mounting required volumes and injecting built-in environment variables of the selected pod. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct RestoreReadyConfigJobActionTargetPodSelector { + /// fallbackLabelSelector is used to filter available pods when the labelSelector fails. + /// This only takes effect when the `strategy` field below is set to `Any`. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "fallbackLabelSelector")] + pub fallback_label_selector: Option, /// matchExpressions is a list of label selector requirements. The requirements are ANDed. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] pub match_expressions: Option>, @@ -1742,6 +1830,37 @@ pub struct RestoreReadyConfigJobActionTargetPodSelector { pub strategy: Option, } +/// fallbackLabelSelector is used to filter available pods when the labelSelector fails. +/// This only takes effect when the `strategy` field below is set to `Any`. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RestoreReadyConfigJobActionTargetPodSelectorFallbackLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct RestoreReadyConfigJobActionTargetPodSelectorFallbackLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// A label selector requirement is a selector that contains values, a key, and an operator that /// relates the key and values. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbclusters.rs b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbclusters.rs index a840e80d5..496a2e5a2 100644 --- a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbclusters.rs +++ b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbclusters.rs @@ -281,6 +281,8 @@ pub struct DBClusterDbSubnetGroupRef { pub struct DBClusterDbSubnetGroupRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -305,6 +307,8 @@ pub struct DBClusterKmsKeyRef { pub struct DBClusterKmsKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// The password for the master database user. This password can contain any @@ -357,6 +361,8 @@ pub struct DBClusterVpcSecurityGroupRefs { pub struct DBClusterVpcSecurityGroupRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// DBClusterStatus defines the observed state of DBCluster diff --git a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbinstances.rs b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbinstances.rs index 5727f389b..50660bbd4 100644 --- a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbinstances.rs +++ b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbinstances.rs @@ -165,6 +165,8 @@ pub struct DBInstancePerformanceInsightsKmsKeyRef { pub struct DBInstancePerformanceInsightsKmsKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Metadata assigned to an Amazon DocumentDB resource consisting of a key-value diff --git a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbsubnetgroups.rs b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbsubnetgroups.rs index 5eb5f343b..2aeb74c9b 100644 --- a/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbsubnetgroups.rs +++ b/kube-custom-resources-rs/src/documentdb_services_k8s_aws/v1alpha1/dbsubnetgroups.rs @@ -65,6 +65,8 @@ pub struct DBSubnetGroupSubnetRefs { pub struct DBSubnetGroupSubnetRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Metadata assigned to an Amazon DocumentDB resource consisting of a key-value diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/dhcpoptions.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/dhcpoptions.rs index bcc6e818d..f3519f007 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/dhcpoptions.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/dhcpoptions.rs @@ -75,6 +75,8 @@ pub struct DHCPOptionsVpcRefs { pub struct DHCPOptionsVpcRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// DHCPOptionsStatus defines the observed state of DHCPOptions diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/internetgateways.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/internetgateways.rs index 6d0d7ea64..41688c1ad 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/internetgateways.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/internetgateways.rs @@ -68,6 +68,8 @@ pub struct InternetGatewayRouteTableRefs { pub struct InternetGatewayRouteTableRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Describes a tag. @@ -101,6 +103,8 @@ pub struct InternetGatewayVpcRef { pub struct InternetGatewayVpcRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// InternetGatewayStatus defines the observed state of InternetGateway diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/natgateways.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/natgateways.rs index 75fcb29d3..acedff91c 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/natgateways.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/natgateways.rs @@ -84,6 +84,8 @@ pub struct NATGatewayAllocationRef { pub struct NATGatewayAllocationRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -108,6 +110,8 @@ pub struct NATGatewaySubnetRef { pub struct NATGatewaySubnetRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Describes a tag. diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/routetables.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/routetables.rs index 4b693cf31..08738f2b2 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/routetables.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/routetables.rs @@ -106,6 +106,8 @@ pub struct RouteTableRoutesGatewayRef { pub struct RouteTableRoutesGatewayRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Reference field for NATGatewayID @@ -123,6 +125,8 @@ pub struct RouteTableRoutesNatGatewayRef { pub struct RouteTableRoutesNatGatewayRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Reference field for TransitGatewayID @@ -140,6 +144,8 @@ pub struct RouteTableRoutesTransitGatewayRef { pub struct RouteTableRoutesTransitGatewayRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Reference field for VPCEndpointID @@ -157,6 +163,8 @@ pub struct RouteTableRoutesVpcEndpointRef { pub struct RouteTableRoutesVpcEndpointRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Reference field for VPCPeeringConnectionID @@ -174,6 +182,8 @@ pub struct RouteTableRoutesVpcPeeringConnectionRef { pub struct RouteTableRoutesVpcPeeringConnectionRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Describes a tag. @@ -207,6 +217,8 @@ pub struct RouteTableVpcRef { pub struct RouteTableVpcRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// RouteTableStatus defines the observed state of RouteTable diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/securitygroups.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/securitygroups.rs index 99dd37646..a32dfdc30 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/securitygroups.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/securitygroups.rs @@ -160,6 +160,8 @@ pub struct SecurityGroupEgressRulesUserIdGroupPairsGroupRef { pub struct SecurityGroupEgressRulesUserIdGroupPairsGroupRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Reference field for VPCID @@ -177,6 +179,8 @@ pub struct SecurityGroupEgressRulesUserIdGroupPairsVpcRef { pub struct SecurityGroupEgressRulesUserIdGroupPairsVpcRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Describes a set of permissions for a security group rule. @@ -271,6 +275,8 @@ pub struct SecurityGroupIngressRulesUserIdGroupPairsGroupRef { pub struct SecurityGroupIngressRulesUserIdGroupPairsGroupRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Reference field for VPCID @@ -288,6 +294,8 @@ pub struct SecurityGroupIngressRulesUserIdGroupPairsVpcRef { pub struct SecurityGroupIngressRulesUserIdGroupPairsVpcRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Describes a tag. @@ -321,6 +329,8 @@ pub struct SecurityGroupVpcRef { pub struct SecurityGroupVpcRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// SecurityGroupStatus defines the observed state of SecurityGroup diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/subnets.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/subnets.rs index 06c25f293..8ef61ab8a 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/subnets.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/subnets.rs @@ -125,6 +125,8 @@ pub struct SubnetRouteTableRefs { pub struct SubnetRouteTableRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Describes a tag. @@ -158,6 +160,8 @@ pub struct SubnetVpcRef { pub struct SubnetVpcRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// SubnetStatus defines the observed state of Subnet diff --git a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcendpoints.rs b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcendpoints.rs index 40ff3edb7..4c9b22496 100644 --- a/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcendpoints.rs +++ b/kube-custom-resources-rs/src/ec2_services_k8s_aws/v1alpha1/vpcendpoints.rs @@ -128,6 +128,8 @@ pub struct VPCEndpointRouteTableRefs { pub struct VPCEndpointRouteTableRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -152,6 +154,8 @@ pub struct VPCEndpointSecurityGroupRefs { pub struct VPCEndpointSecurityGroupRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -176,6 +180,8 @@ pub struct VPCEndpointSubnetRefs { pub struct VPCEndpointSubnetRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Describes a tag. @@ -209,6 +215,8 @@ pub struct VPCEndpointVpcRef { pub struct VPCEndpointVpcRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// VPCEndpointStatus defines the observed state of VPCEndpoint diff --git a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/accesspoints.rs b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/accesspoints.rs index a0d4abf22..ece857bc5 100644 --- a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/accesspoints.rs +++ b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/accesspoints.rs @@ -81,6 +81,8 @@ pub struct AccessPointFileSystemRef { pub struct AccessPointFileSystemRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// The operating system user and group applied to all file system requests made diff --git a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/filesystems.rs b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/filesystems.rs index b68a664cf..c8aa641dd 100644 --- a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/filesystems.rs +++ b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/filesystems.rs @@ -211,6 +211,8 @@ pub struct FileSystemKmsKeyRef { pub struct FileSystemKmsKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Describes a policy used by Lifecycle management that specifies when to transition diff --git a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/mounttargets.rs b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/mounttargets.rs index 895eb9e10..de3265f75 100644 --- a/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/mounttargets.rs +++ b/kube-custom-resources-rs/src/efs_services_k8s_aws/v1alpha1/mounttargets.rs @@ -79,6 +79,8 @@ pub struct MountTargetFileSystemRef { pub struct MountTargetFileSystemRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -103,6 +105,8 @@ pub struct MountTargetSecurityGroupRefs { pub struct MountTargetSecurityGroupRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -127,6 +131,8 @@ pub struct MountTargetSubnetRef { pub struct MountTargetSubnetRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// MountTargetStatus defines the observed state of MountTarget diff --git a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/addons.rs b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/addons.rs index c3cf9cb1a..b14d145e3 100644 --- a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/addons.rs +++ b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/addons.rs @@ -132,6 +132,8 @@ pub struct AddonClusterRef { pub struct AddonClusterRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -156,6 +158,8 @@ pub struct AddonServiceAccountRoleRef { pub struct AddonServiceAccountRoleRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AddonStatus defines the observed state of Addon diff --git a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/clusters.rs b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/clusters.rs index 9c9894e10..d8b8190fe 100644 --- a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/clusters.rs +++ b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/clusters.rs @@ -142,6 +142,8 @@ pub struct ClusterEncryptionConfigProviderKeyRef { pub struct ClusterEncryptionConfigProviderKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// The Kubernetes network configuration for the cluster. @@ -258,6 +260,8 @@ pub struct ClusterResourcesVpcConfigSecurityGroupRefs { pub struct ClusterResourcesVpcConfigSecurityGroupRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -282,6 +286,8 @@ pub struct ClusterResourcesVpcConfigSubnetRefs { pub struct ClusterResourcesVpcConfigSubnetRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -306,6 +312,8 @@ pub struct ClusterRoleRef { pub struct ClusterRoleRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// ClusterStatus defines the observed state of Cluster diff --git a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/fargateprofiles.rs b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/fargateprofiles.rs index 683d1d692..f7e4f5390 100644 --- a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/fargateprofiles.rs +++ b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/fargateprofiles.rs @@ -102,6 +102,8 @@ pub struct FargateProfileClusterRef { pub struct FargateProfileClusterRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -126,6 +128,8 @@ pub struct FargateProfilePodExecutionRoleRef { pub struct FargateProfilePodExecutionRoleRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// An object representing an Fargate profile selector. @@ -159,6 +163,8 @@ pub struct FargateProfileSubnetRefs { pub struct FargateProfileSubnetRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// FargateProfileStatus defines the observed state of FargateProfile diff --git a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/nodegroups.rs b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/nodegroups.rs index 0addc0f87..f63dee046 100644 --- a/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/nodegroups.rs +++ b/kube-custom-resources-rs/src/eks_services_k8s_aws/v1alpha1/nodegroups.rs @@ -194,6 +194,8 @@ pub struct NodegroupClusterRef { pub struct NodegroupClusterRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// An object representing a node group's launch template specification. If specified, @@ -231,6 +233,8 @@ pub struct NodegroupNodeRoleRef { pub struct NodegroupNodeRoleRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// The remote access configuration to use with your node group. For Linux, the @@ -272,6 +276,8 @@ pub struct NodegroupRemoteAccessSourceSecurityGroupRefs { pub struct NodegroupRemoteAccessSourceSecurityGroupRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// The scaling configuration details for the Auto Scaling group that is created @@ -308,6 +314,8 @@ pub struct NodegroupSubnetRefs { pub struct NodegroupSubnetRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// A property that allows a node to repel a Pod. For more information, see Node diff --git a/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/jobruns.rs b/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/jobruns.rs index b8b4353a7..77a39e774 100644 --- a/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/jobruns.rs +++ b/kube-custom-resources-rs/src/emrcontainers_services_k8s_aws/v1alpha1/jobruns.rs @@ -98,6 +98,8 @@ pub struct JobRunVirtualClusterRef { pub struct JobRunVirtualClusterRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// JobRunStatus defines the observed state of JobRun diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs index 01b603afc..4f6c58eca 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/clustersecretstores.rs @@ -96,6 +96,9 @@ pub struct ClusterSecretStoreProvider { /// AzureKV configures this store to sync secrets using Azure Key Vault provider #[serde(default, skip_serializing_if = "Option::is_none")] pub azurekv: Option, + /// Beyondtrust configures this store to sync secrets using Password Safe provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub beyondtrust: Option, /// BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider #[serde(default, skip_serializing_if = "Option::is_none")] pub bitwardensecretsmanager: Option, @@ -763,6 +766,154 @@ pub struct ClusterSecretStoreProviderAzurekvServiceAccountRef { pub namespace: Option, } +/// Beyondtrust configures this store to sync secrets using Password Safe provider. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrust { + /// Auth configures how the operator authenticates with Beyondtrust. + pub auth: ClusterSecretStoreProviderBeyondtrustAuth, + /// Auth configures how API server works. + pub server: ClusterSecretStoreProviderBeyondtrustServer, +} + +/// Auth configures how the operator authenticates with Beyondtrust. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustAuth { + /// Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Certificate private key (key.pem). For use when authenticating with an OAuth client Id + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certificateKey")] + pub certificate_key: Option, + #[serde(rename = "clientId")] + pub client_id: ClusterSecretStoreProviderBeyondtrustAuthClientId, + #[serde(rename = "clientSecret")] + pub client_secret: ClusterSecretStoreProviderBeyondtrustAuthClientSecret, +} + +/// Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustAuthCertificate { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustAuthCertificateSecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Certificate private key (key.pem). For use when authenticating with an OAuth client Id +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustAuthCertificateKey { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustAuthCertificateKeySecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustAuthClientId { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustAuthClientIdSecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustAuthClientSecret { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustAuthClientSecretSecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Auth configures how API server works. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterSecretStoreProviderBeyondtrustServer { + #[serde(rename = "apiUrl")] + pub api_url: String, + /// Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientTimeOutSeconds")] + pub client_time_out_seconds: Option, + /// The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retrievalType")] + pub retrieval_type: Option, + /// A character that separates the folder names. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub separator: Option, + #[serde(rename = "verifyCA")] + pub verify_ca: bool, +} + /// BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterSecretStoreProviderBitwardensecretsmanager { diff --git a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs index 601594db3..eea282029 100644 --- a/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs +++ b/kube-custom-resources-rs/src/external_secrets_io/v1beta1/secretstores.rs @@ -97,6 +97,9 @@ pub struct SecretStoreProvider { /// AzureKV configures this store to sync secrets using Azure Key Vault provider #[serde(default, skip_serializing_if = "Option::is_none")] pub azurekv: Option, + /// Beyondtrust configures this store to sync secrets using Password Safe provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub beyondtrust: Option, /// BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider #[serde(default, skip_serializing_if = "Option::is_none")] pub bitwardensecretsmanager: Option, @@ -764,6 +767,154 @@ pub struct SecretStoreProviderAzurekvServiceAccountRef { pub namespace: Option, } +/// Beyondtrust configures this store to sync secrets using Password Safe provider. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrust { + /// Auth configures how the operator authenticates with Beyondtrust. + pub auth: SecretStoreProviderBeyondtrustAuth, + /// Auth configures how API server works. + pub server: SecretStoreProviderBeyondtrustServer, +} + +/// Auth configures how the operator authenticates with Beyondtrust. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustAuth { + /// Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub certificate: Option, + /// Certificate private key (key.pem). For use when authenticating with an OAuth client Id + #[serde(default, skip_serializing_if = "Option::is_none", rename = "certificateKey")] + pub certificate_key: Option, + #[serde(rename = "clientId")] + pub client_id: SecretStoreProviderBeyondtrustAuthClientId, + #[serde(rename = "clientSecret")] + pub client_secret: SecretStoreProviderBeyondtrustAuthClientSecret, +} + +/// Content of the certificate (cert.pem) for use when authenticating with an OAuth client Id using a Client Certificate. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustAuthCertificate { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustAuthCertificateSecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Certificate private key (key.pem). For use when authenticating with an OAuth client Id +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustAuthCertificateKey { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustAuthCertificateKeySecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustAuthClientId { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustAuthClientIdSecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustAuthClientSecret { + /// SecretRef references a key in a secret that will be used as value. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] + pub secret_ref: Option, + /// Value can be specified directly to set a value without using a secret. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, +} + +/// SecretRef references a key in a secret that will be used as value. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustAuthClientSecretSecretRef { + /// The key of the entry in the Secret resource's `data` field to be used. Some instances of this field may be + /// defaulted, in others it may be required. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key: Option, + /// The name of the Secret resource being referred to. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Namespace of the resource being referred to. Ignored if referent is not cluster-scoped. cluster-scoped defaults + /// to the namespace of the referent. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, +} + +/// Auth configures how API server works. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SecretStoreProviderBeyondtrustServer { + #[serde(rename = "apiUrl")] + pub api_url: String, + /// Timeout specifies a time limit for requests made by this Client. The timeout includes connection time, any redirects, and reading the response body. Defaults to 45 seconds. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientTimeOutSeconds")] + pub client_time_out_seconds: Option, + /// The secret retrieval type. SECRET = Secrets Safe (credential, text, file). MANAGED_ACCOUNT = Password Safe account associated with a system. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "retrievalType")] + pub retrieval_type: Option, + /// A character that separates the folder names. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub separator: Option, + #[serde(rename = "verifyCA")] + pub verify_ca: bool, +} + /// BitwardenSecretsManager configures this store to sync secrets using BitwardenSecretsManager provider #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SecretStoreProviderBitwardensecretsmanager { diff --git a/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinkdeployments.rs b/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinkdeployments.rs index f5771f00b..0a69122f4 100644 --- a/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinkdeployments.rs +++ b/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinkdeployments.rs @@ -98,6 +98,8 @@ pub struct FlinkDeploymentJob { pub checkpoint_trigger_nonce: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "entryClass")] pub entry_class: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "flinkStateSnapshotReference")] + pub flink_state_snapshot_reference: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialSavepointPath")] pub initial_savepoint_path: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "jarURI")] @@ -114,6 +116,16 @@ pub struct FlinkDeploymentJob { pub upgrade_mode: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlinkDeploymentJobFlinkStateSnapshotReference { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum FlinkDeploymentJobState { #[serde(rename = "running")] @@ -11252,6 +11264,8 @@ pub struct FlinkDeploymentStatusJobStatus { pub state: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateTime")] pub update_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradeSnapshotReference")] + pub upgrade_snapshot_reference: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -11438,6 +11452,16 @@ pub enum FlinkDeploymentStatusJobStatusSavepointInfoTriggerType { Upgrade, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlinkDeploymentStatusJobStatusUpgradeSnapshotReference { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum FlinkDeploymentStatusLifecycleState { #[serde(rename = "CREATED")] diff --git a/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinksessionjobs.rs b/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinksessionjobs.rs index 1d29309c5..e90df6985 100644 --- a/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinksessionjobs.rs +++ b/kube-custom-resources-rs/src/flink_apache_org/v1beta1/flinksessionjobs.rs @@ -38,6 +38,8 @@ pub struct FlinkSessionJobJob { pub checkpoint_trigger_nonce: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "entryClass")] pub entry_class: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "flinkStateSnapshotReference")] + pub flink_state_snapshot_reference: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "initialSavepointPath")] pub initial_savepoint_path: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "jarURI")] @@ -54,6 +56,16 @@ pub struct FlinkSessionJobJob { pub upgrade_mode: Option, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlinkSessionJobJobFlinkStateSnapshotReference { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum FlinkSessionJobJobState { #[serde(rename = "running")] @@ -102,6 +114,8 @@ pub struct FlinkSessionJobStatusJobStatus { pub state: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "updateTime")] pub update_time: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradeSnapshotReference")] + pub upgrade_snapshot_reference: Option, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -288,6 +302,16 @@ pub enum FlinkSessionJobStatusJobStatusSavepointInfoTriggerType { Upgrade, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct FlinkSessionJobStatusJobStatusUpgradeSnapshotReference { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub path: Option, +} + #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum FlinkSessionJobStatusLifecycleState { #[serde(rename = "CREATED")] diff --git a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs index 0d9dbea44..c6e0e6559 100644 --- a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs +++ b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta1/flowcollectors.rs @@ -203,6 +203,9 @@ pub struct FlowCollectorAgentEbpfFlowFilter { /// To filter a range of ports, use a "start-end" range, string format. For example sourcePorts: "80-100". #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourcePorts")] pub source_ports: Option, + /// `tcpFlags` defines the TCP flags to filter flows by. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpFlags")] + pub tcp_flags: Option, } /// `flowFilter` defines the eBPF agent configuration regarding flow filtering @@ -234,6 +237,31 @@ pub enum FlowCollectorAgentEbpfFlowFilterProtocol { Sctp, } +/// `flowFilter` defines the eBPF agent configuration regarding flow filtering +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorAgentEbpfFlowFilterTcpFlags { + #[serde(rename = "SYN")] + Syn, + #[serde(rename = "SYN-ACK")] + SynAck, + #[serde(rename = "ACK")] + Ack, + #[serde(rename = "FIN")] + Fin, + #[serde(rename = "RST")] + Rst, + #[serde(rename = "URG")] + Urg, + #[serde(rename = "ECE")] + Ece, + #[serde(rename = "CWR")] + Cwr, + #[serde(rename = "FIN-ACK")] + FinAck, + #[serde(rename = "RST-ACK")] + RstAck, +} + /// `ebpf` describes the settings related to the eBPF-based flow reporter when `spec.agent.type` /// is set to `EBPF`. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] diff --git a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs index 98973fc41..ed86afe31 100644 --- a/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs +++ b/kube-custom-resources-rs/src/flows_netobserv_io/v1beta2/flowcollectors.rs @@ -958,6 +958,9 @@ pub struct FlowCollectorAgentEbpfFlowFilter { /// To filter a range of ports, use a "start-end" range in string format. For example: `sourcePorts: "80-100"`. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sourcePorts")] pub source_ports: Option, + /// `tcpFlags` defines the TCP flags to filter flows by. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tcpFlags")] + pub tcp_flags: Option, } /// `flowFilter` defines the eBPF agent configuration regarding flow filtering. @@ -989,6 +992,31 @@ pub enum FlowCollectorAgentEbpfFlowFilterProtocol { Sctp, } +/// `flowFilter` defines the eBPF agent configuration regarding flow filtering. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum FlowCollectorAgentEbpfFlowFilterTcpFlags { + #[serde(rename = "SYN")] + Syn, + #[serde(rename = "SYN-ACK")] + SynAck, + #[serde(rename = "ACK")] + Ack, + #[serde(rename = "FIN")] + Fin, + #[serde(rename = "RST")] + Rst, + #[serde(rename = "URG")] + Urg, + #[serde(rename = "ECE")] + Ece, + #[serde(rename = "CWR")] + Cwr, + #[serde(rename = "FIN-ACK")] + FinAck, + #[serde(rename = "RST-ACK")] + RstAck, +} + /// `ebpf` describes the settings related to the eBPF-based flow reporter when `spec.agent.type` /// is set to `eBPF`. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs index 71444585e..2e6d2cf1f 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1/httproutes.rs @@ -495,9 +495,6 @@ pub struct HTTPRouteRules { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub timeouts: Option, } @@ -2452,9 +2449,6 @@ pub enum HTTPRouteRulesSessionPersistenceType { /// /// /// Support: Extended -/// -/// -/// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesTimeouts { /// BackendRequest specifies a timeout for an individual request from the gateway @@ -2473,8 +2467,10 @@ pub struct HTTPRouteRulesTimeouts { /// for example, if automatic retries are supported. /// /// - /// Because the Request timeout encompasses the BackendRequest timeout, the value of - /// BackendRequest must be <= the value of Request timeout. + /// The value of BackendRequest must be a Gateway API Duration string as defined by + /// GEP-2257. When this field is unspecified, its behavior is implementation-specific; + /// when specified, the value of BackendRequest must be no more than the value of the + /// Request timeout (since the Request timeout encompasses the BackendRequest timeout). /// /// /// Support: Extended @@ -2502,7 +2498,8 @@ pub struct HTTPRouteRulesTimeouts { /// initiated by the client. /// /// - /// When this field is unspecified, request timeout behavior is implementation-specific. + /// The value of Request is a Gateway API Duration string as defined by GEP-2257. When this + /// field is unspecified, request timeout behavior is implementation-specific. /// /// /// Support: Extended diff --git a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs index b495b480f..7570f5975 100644 --- a/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs +++ b/kube-custom-resources-rs/src/gateway_networking_k8s_io/v1beta1/httproutes.rs @@ -495,9 +495,6 @@ pub struct HTTPRouteRules { /// /// /// Support: Extended - /// - /// - /// #[serde(default, skip_serializing_if = "Option::is_none")] pub timeouts: Option, } @@ -2452,9 +2449,6 @@ pub enum HTTPRouteRulesSessionPersistenceType { /// /// /// Support: Extended -/// -/// -/// #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HTTPRouteRulesTimeouts { /// BackendRequest specifies a timeout for an individual request from the gateway @@ -2473,8 +2467,10 @@ pub struct HTTPRouteRulesTimeouts { /// for example, if automatic retries are supported. /// /// - /// Because the Request timeout encompasses the BackendRequest timeout, the value of - /// BackendRequest must be <= the value of Request timeout. + /// The value of BackendRequest must be a Gateway API Duration string as defined by + /// GEP-2257. When this field is unspecified, its behavior is implementation-specific; + /// when specified, the value of BackendRequest must be no more than the value of the + /// Request timeout (since the Request timeout encompasses the BackendRequest timeout). /// /// /// Support: Extended @@ -2502,7 +2498,8 @@ pub struct HTTPRouteRulesTimeouts { /// initiated by the client. /// /// - /// When this field is unspecified, request timeout behavior is implementation-specific. + /// The value of Request is a Gateway API Duration string as defined by GEP-2257. When this + /// field is unspecified, request timeout behavior is implementation-specific. /// /// /// Support: Extended diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeploymentcustomizations.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeploymentcustomizations.rs index d4e821842..dd4b31781 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeploymentcustomizations.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeploymentcustomizations.rs @@ -58,7 +58,7 @@ pub struct ClusterDeploymentCustomizationStatus { /// ClusterDeploymentRef is a reference to the cluster deployment that this customization is applied on. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentCustomizationStatusClusterDeploymentRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -66,7 +66,7 @@ pub struct ClusterDeploymentCustomizationStatusClusterDeploymentRef { /// ClusterPoolRef is the name of the current cluster pool the CDC used at. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentCustomizationStatusClusterPoolRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeployments.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeployments.rs index d82110466..0161a2648 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeployments.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeployments.rs @@ -79,7 +79,7 @@ pub struct ClusterDeploymentSpec { /// BoundServiceAccountSigningKeySecretRef refers to a Secret that contains a 'bound-service-account-signing-key.key' data key pointing to the private key that will be used to sign ServiceAccount objects. Primarily used to provision AWS clusters to use Amazon's Security Token Service. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentBoundServiceAccountSigningKeySecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -100,7 +100,7 @@ pub struct ClusterDeploymentCertificateBundles { /// CertificateSecretRef is the reference to the secret that contains the certificate bundle. If the certificate bundle is to be generated, it will be generated with the name in this reference. Otherwise, it is expected that the secret should exist in the same namespace as the ClusterDeployment #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentCertificateBundlesCertificateSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -137,7 +137,7 @@ pub struct ClusterDeploymentClusterMetadata { /// AdminKubeconfigSecretRef references the secret containing the admin kubeconfig for this cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentClusterMetadataAdminKubeconfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -145,7 +145,7 @@ pub struct ClusterDeploymentClusterMetadataAdminKubeconfigSecretRef { /// AdminPasswordSecretRef references the secret containing the admin username/password which can be used to login to this cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentClusterMetadataAdminPasswordSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -210,7 +210,7 @@ pub struct ClusterDeploymentClusterPoolRef { /// CustomizationRef is the ClusterPool Inventory claimed customization for this ClusterDeployment. The Customization exists in the ClusterPool namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentClusterPoolRefClusterDeploymentCustomization { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -421,7 +421,7 @@ pub struct ClusterDeploymentPlatformAwsCredentialsAssumeRole { /// CredentialsSecretRef refers to a secret that contains the AWS account access credentials. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPlatformAwsCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -466,7 +466,7 @@ pub enum ClusterDeploymentPlatformAzureCloudName { /// CredentialsSecretRef refers to a secret that contains the Azure account access credentials. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPlatformAzureCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -482,7 +482,7 @@ pub struct ClusterDeploymentPlatformBaremetal { /// LibvirtSSHPrivateKeySecretRef is the reference to the secret that contains the private SSH key to use for access to the libvirt provisioning host. The SSH private key is expected to be in the secret data under the "ssh-privatekey" key. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPlatformBaremetalLibvirtSshPrivateKeySecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -503,7 +503,7 @@ pub struct ClusterDeploymentPlatformGcp { /// CredentialsSecretRef refers to a secret that contains the GCP account access credentials. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPlatformGcpCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -553,7 +553,7 @@ pub struct ClusterDeploymentPlatformIbmcloud { /// CredentialsSecretRef refers to a secret that contains IBM Cloud account access credentials. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPlatformIbmcloudCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -584,7 +584,7 @@ pub struct ClusterDeploymentPlatformOpenstack { /// For example, """clouds.yaml clouds: shiftstack: auth: ... cacert: "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem" """ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPlatformOpenstackCertificatesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -592,7 +592,7 @@ pub struct ClusterDeploymentPlatformOpenstackCertificatesSecretRef { /// CredentialsSecretRef refers to a secret that contains the OpenStack account access credentials. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPlatformOpenstackCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -618,7 +618,7 @@ pub struct ClusterDeploymentPlatformOvirt { /// CertificatesSecretRef refers to a secret that contains the oVirt CA certificates necessary for communicating with oVirt. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPlatformOvirtCertificatesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -626,7 +626,7 @@ pub struct ClusterDeploymentPlatformOvirtCertificatesSecretRef { /// CredentialsSecretRef refers to a secret that contains the oVirt account access credentials with fields: ovirt_url, ovirt_username, ovirt_password, ovirt_ca_bundle #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPlatformOvirtCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -662,7 +662,7 @@ pub struct ClusterDeploymentPlatformVsphere { /// CertificatesSecretRef refers to a secret that contains the vSphere CA certificates necessary for communicating with the VCenter. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPlatformVsphereCertificatesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -670,7 +670,7 @@ pub struct ClusterDeploymentPlatformVsphereCertificatesSecretRef { /// CredentialsSecretRef refers to a secret that contains the vSphere account access credentials: GOVC_USERNAME, GOVC_PASSWORD fields. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPlatformVsphereCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -726,7 +726,7 @@ pub struct ClusterDeploymentProvisioningImageSetRef { /// InstallConfigSecretRef is the reference to a secret that contains an openshift-install InstallConfig. This file will be passed through directly to the installer. Any version of InstallConfig can be used, provided it can be parsed by the openshift-install version for the release you are provisioning. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentProvisioningInstallConfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -766,7 +766,7 @@ pub struct ClusterDeploymentProvisioningInstallerEnvValueFrom { pub struct ClusterDeploymentProvisioningInstallerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -803,7 +803,7 @@ pub struct ClusterDeploymentProvisioningInstallerEnvValueFromResourceFieldRef { pub struct ClusterDeploymentProvisioningInstallerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -814,7 +814,7 @@ pub struct ClusterDeploymentProvisioningInstallerEnvValueFromSecretKeyRef { /// ManifestsConfigMapRef is a reference to user-provided manifests to add to or replace manifests that are generated by the installer. It serves the same purpose as, and is mutually exclusive with, ManifestsSecretRef. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentProvisioningManifestsConfigMapRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -822,7 +822,7 @@ pub struct ClusterDeploymentProvisioningManifestsConfigMapRef { /// ManifestsSecretRef is a reference to user-provided manifests to add to or replace manifests that are generated by the installer. It serves the same purpose as, and is mutually exclusive with, ManifestsConfigMapRef. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentProvisioningManifestsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -830,7 +830,7 @@ pub struct ClusterDeploymentProvisioningManifestsSecretRef { /// SSHPrivateKeySecretRef is the reference to the secret that contains the private SSH key to use for access to compute instances. This private key should correspond to the public key included in the InstallConfig. The private key is used by Hive to gather logs on the target cluster if there are install failures. The SSH private key is expected to be in the secret data under the "ssh-privatekey" key. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentProvisioningSshPrivateKeySecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -838,7 +838,7 @@ pub struct ClusterDeploymentProvisioningSshPrivateKeySecretRef { /// PullSecretRef is the reference to the secret to use when pulling images. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentPullSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -971,7 +971,7 @@ pub struct ClusterDeploymentStatusPlatformStatusGcpPrivateServiceConnect { /// ProvisionRef is a reference to the last ClusterProvision created for the deployment #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeploymentStatusProvisionRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeprovisions.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeprovisions.rs index 7bca7d2d6..207761f27 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeprovisions.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterdeprovisions.rs @@ -91,7 +91,7 @@ pub struct ClusterDeprovisionPlatformAwsCredentialsAssumeRole { /// CredentialsSecretRef is the AWS account credentials to use for deprovisioning the cluster #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeprovisionPlatformAwsCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -125,7 +125,7 @@ pub enum ClusterDeprovisionPlatformAzureCloudName { /// CredentialsSecretRef is the Azure account credentials to use for deprovisioning the cluster #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeprovisionPlatformAzureCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -146,7 +146,7 @@ pub struct ClusterDeprovisionPlatformGcp { /// CredentialsSecretRef is the GCP account credentials to use for deprovisioning the cluster #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeprovisionPlatformGcpCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -167,7 +167,7 @@ pub struct ClusterDeprovisionPlatformIbmcloud { /// CredentialsSecretRef is the IBM Cloud credentials to use for deprovisioning the cluster #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeprovisionPlatformIbmcloudCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -188,7 +188,7 @@ pub struct ClusterDeprovisionPlatformOpenstack { /// CertificatesSecretRef refers to a secret that contains CA certificates necessary for communicating with the OpenStack. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeprovisionPlatformOpenstackCertificatesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -196,7 +196,7 @@ pub struct ClusterDeprovisionPlatformOpenstackCertificatesSecretRef { /// CredentialsSecretRef is the OpenStack account credentials to use for deprovisioning the cluster #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeprovisionPlatformOpenstackCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -218,7 +218,7 @@ pub struct ClusterDeprovisionPlatformOvirt { /// CertificatesSecretRef refers to a secret that contains the oVirt CA certificates necessary for communicating with the oVirt. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeprovisionPlatformOvirtCertificatesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -226,7 +226,7 @@ pub struct ClusterDeprovisionPlatformOvirtCertificatesSecretRef { /// CredentialsSecretRef is the oVirt account credentials to use for deprovisioning the cluster secret fields: ovirt_url, ovirt_username, ovirt_password, ovirt_ca_bundle #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeprovisionPlatformOvirtCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -248,7 +248,7 @@ pub struct ClusterDeprovisionPlatformVsphere { /// CertificatesSecretRef refers to a secret that contains the vSphere CA certificates necessary for communicating with the VCenter. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeprovisionPlatformVsphereCertificatesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -256,7 +256,7 @@ pub struct ClusterDeprovisionPlatformVsphereCertificatesSecretRef { /// CredentialsSecretRef is the vSphere account credentials to use for deprovisioning the cluster #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterDeprovisionPlatformVsphereCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs index 9ed9ddd49..9f66be2c9 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterpools.rs @@ -104,7 +104,7 @@ pub struct ClusterPoolImageSetRef { /// InstallConfigSecretTemplateRef is a secret with the key install-config.yaml consisting of the content of the install-config.yaml to be used as a template for all clusters in this pool. Cluster specific settings (name, basedomain) will be injected dynamically when the ClusterDeployment install-config Secret is generated. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolInstallConfigSecretTemplateRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -144,7 +144,7 @@ pub struct ClusterPoolInstallerEnvValueFrom { pub struct ClusterPoolInstallerEnvValueFromConfigMapKeyRef { /// The key to select. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -181,7 +181,7 @@ pub struct ClusterPoolInstallerEnvValueFromResourceFieldRef { pub struct ClusterPoolInstallerEnvValueFromSecretKeyRef { /// The key of the secret to select from. Must be a valid secret key. pub key: String, - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -306,7 +306,7 @@ pub struct ClusterPoolPlatformAwsCredentialsAssumeRole { /// CredentialsSecretRef refers to a secret that contains the AWS account access credentials. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPlatformAwsCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -351,7 +351,7 @@ pub enum ClusterPoolPlatformAzureCloudName { /// CredentialsSecretRef refers to a secret that contains the Azure account access credentials. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPlatformAzureCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -367,7 +367,7 @@ pub struct ClusterPoolPlatformBaremetal { /// LibvirtSSHPrivateKeySecretRef is the reference to the secret that contains the private SSH key to use for access to the libvirt provisioning host. The SSH private key is expected to be in the secret data under the "ssh-privatekey" key. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPlatformBaremetalLibvirtSshPrivateKeySecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -388,7 +388,7 @@ pub struct ClusterPoolPlatformGcp { /// CredentialsSecretRef refers to a secret that contains the GCP account access credentials. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPlatformGcpCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -438,7 +438,7 @@ pub struct ClusterPoolPlatformIbmcloud { /// CredentialsSecretRef refers to a secret that contains IBM Cloud account access credentials. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPlatformIbmcloudCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -469,7 +469,7 @@ pub struct ClusterPoolPlatformOpenstack { /// For example, """clouds.yaml clouds: shiftstack: auth: ... cacert: "/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem" """ #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPlatformOpenstackCertificatesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -477,7 +477,7 @@ pub struct ClusterPoolPlatformOpenstackCertificatesSecretRef { /// CredentialsSecretRef refers to a secret that contains the OpenStack account access credentials. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPlatformOpenstackCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -503,7 +503,7 @@ pub struct ClusterPoolPlatformOvirt { /// CertificatesSecretRef refers to a secret that contains the oVirt CA certificates necessary for communicating with oVirt. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPlatformOvirtCertificatesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -511,7 +511,7 @@ pub struct ClusterPoolPlatformOvirtCertificatesSecretRef { /// CredentialsSecretRef refers to a secret that contains the oVirt account access credentials with fields: ovirt_url, ovirt_username, ovirt_password, ovirt_ca_bundle #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPlatformOvirtCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -547,7 +547,7 @@ pub struct ClusterPoolPlatformVsphere { /// CertificatesSecretRef refers to a secret that contains the vSphere CA certificates necessary for communicating with the VCenter. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPlatformVsphereCertificatesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -555,7 +555,7 @@ pub struct ClusterPoolPlatformVsphereCertificatesSecretRef { /// CredentialsSecretRef refers to a secret that contains the vSphere account access credentials: GOVC_USERNAME, GOVC_PASSWORD fields. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPlatformVsphereCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -563,7 +563,7 @@ pub struct ClusterPoolPlatformVsphereCredentialsSecretRef { /// PullSecretRef is the reference to the secret to use when pulling images. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPoolPullSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterprovisions.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterprovisions.rs index 2aae5ab45..5af4401d2 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterprovisions.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/clusterprovisions.rs @@ -61,7 +61,7 @@ pub struct ClusterProvisionSpec { /// AdminKubeconfigSecretRef references the secret containing the admin kubeconfig for this cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterProvisionAdminKubeconfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -69,7 +69,7 @@ pub struct ClusterProvisionAdminKubeconfigSecretRef { /// AdminPasswordSecretRef references the secret containing the admin username/password which can be used to login to this cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterProvisionAdminPasswordSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -77,7 +77,7 @@ pub struct ClusterProvisionAdminPasswordSecretRef { /// ClusterDeploymentRef references the cluster deployment provisioned. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterProvisionClusterDeploymentRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -101,7 +101,7 @@ pub struct ClusterProvisionStatus { /// JobRef is the reference to the job performing the provision. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterProvisionStatusJobRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/dnszones.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/dnszones.rs index bdeb7fbc7..d29884c0b 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/dnszones.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/dnszones.rs @@ -77,7 +77,7 @@ pub struct DNSZoneAwsCredentialsAssumeRole { /// CredentialsSecretRef contains a reference to a secret that contains AWS credentials for CRUD operations #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DNSZoneAwsCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -111,7 +111,7 @@ pub enum DNSZoneAzureCloudName { /// CredentialsSecretRef references a secret that will be used to authenticate with Azure CloudDNS. It will need permission to create and manage CloudDNS Hosted Zones. Secret should have a key named 'osServicePrincipal.json'. The credentials must specify the project to use. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DNSZoneAzureCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -127,7 +127,7 @@ pub struct DNSZoneGcp { /// CredentialsSecretRef references a secret that will be used to authenticate with GCP CloudDNS. It will need permission to create and manage CloudDNS Hosted Zones. Secret should have a key named 'osServiceAccount.json'. The credentials must specify the project to use. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DNSZoneGcpCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/hiveconfigs.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/hiveconfigs.rs index 5287c9b3d..1ba8390d9 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/hiveconfigs.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/hiveconfigs.rs @@ -101,7 +101,7 @@ pub struct HiveConfigSpec { /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HiveConfigAdditionalCertificateAuthoritiesSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -148,7 +148,7 @@ pub struct HiveConfigAwsPrivateLinkAssociatedVpCs { /// CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS for associating the VPC with the Private HostedZone created for PrivateLink. When not provided, the common credentials for the controller should be used. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HiveConfigAwsPrivateLinkAssociatedVpCsCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -156,7 +156,7 @@ pub struct HiveConfigAwsPrivateLinkAssociatedVpCsCredentialsSecretRef { /// CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS for creating the resources for AWS PrivateLink. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HiveConfigAwsPrivateLinkCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -457,7 +457,7 @@ pub struct HiveConfigFailedProvisionConfigAws { /// CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS S3. It will need permission to upload logs to S3. Secret should have keys named aws_access_key_id and aws_secret_access_key that contain the AWS credentials. Example Secret: data: aws_access_key_id: minio aws_secret_access_key: minio123 #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HiveConfigFailedProvisionConfigAwsCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -492,7 +492,7 @@ pub enum HiveConfigFeatureGatesFeatureSet { /// GlobalPullSecretRef is used to specify a pull secret that will be used globally by all of the cluster deployments. For each cluster deployment, the contents of GlobalPullSecret will be merged with the specific pull secret for a cluster deployment(if specified), with precedence given to the contents of the pull secret for the cluster deployment. The global pull secret is assumed to be in the TargetNamespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HiveConfigGlobalPullSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -527,7 +527,7 @@ pub struct HiveConfigManagedDomainsAws { /// CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS Route53. It will need permission to manage entries for the domain listed in the parent ManageDNSConfig object. Secret should have AWS keys named 'aws_access_key_id' and 'aws_secret_access_key'. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HiveConfigManagedDomainsAwsCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -561,7 +561,7 @@ pub enum HiveConfigManagedDomainsAzureCloudName { /// CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with Azure DNS. It wil need permission to manage entries in each of the managed domains listed in the parent ManageDNSConfig object. Secret should have a key named 'osServicePrincipal.json' #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HiveConfigManagedDomainsAzureCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -577,7 +577,7 @@ pub struct HiveConfigManagedDomainsGcp { /// CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with GCP DNS. It will need permission to manage entries in each of the managed domains for this cluster. listed in the parent ManageDNSConfig object. Secret should have a key named 'osServiceAccount.json'. The credentials must specify the project to use. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HiveConfigManagedDomainsGcpCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -641,7 +641,7 @@ pub struct HiveConfigPrivateLinkGcp { /// CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with GCP for creating the resources for GCP Private Service Connect #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HiveConfigPrivateLinkGcpCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -695,7 +695,7 @@ pub struct HiveConfigServiceProviderCredentialsConfigAws { /// CredentialsSecretRef references a secret in the TargetNamespace that will be used to authenticate with AWS to become the Service Provider. Being a Service Provider allows the controllers to assume the role in customer AWS accounts to manager clusters. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct HiveConfigServiceProviderCredentialsConfigAwsCredentialsSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs index 40c7b4250..7af1798d5 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/machinepools.rs @@ -55,7 +55,7 @@ pub struct MachinePoolAutoscaling { /// ClusterDeploymentRef references the cluster deployment to which this machine pool belongs. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct MachinePoolClusterDeploymentRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/hive_openshift_io/v1/syncidentityproviders.rs b/kube-custom-resources-rs/src/hive_openshift_io/v1/syncidentityproviders.rs index d4659f6e4..3d9ce442d 100644 --- a/kube-custom-resources-rs/src/hive_openshift_io/v1/syncidentityproviders.rs +++ b/kube-custom-resources-rs/src/hive_openshift_io/v1/syncidentityproviders.rs @@ -29,7 +29,7 @@ pub struct SyncIdentityProviderSpec { /// LocalObjectReference contains enough information to let you locate the referenced object inside the same namespace. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SyncIdentityProviderClusterDeploymentRefs { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/hiveinternal_openshift_io/v1alpha1/fakeclusterinstalls.rs b/kube-custom-resources-rs/src/hiveinternal_openshift_io/v1alpha1/fakeclusterinstalls.rs index bf51eab98..ebd5d12ac 100644 --- a/kube-custom-resources-rs/src/hiveinternal_openshift_io/v1alpha1/fakeclusterinstalls.rs +++ b/kube-custom-resources-rs/src/hiveinternal_openshift_io/v1alpha1/fakeclusterinstalls.rs @@ -33,7 +33,7 @@ pub struct FakeClusterInstallSpec { /// ClusterDeploymentRef is a reference to the ClusterDeployment associated with this AgentClusterInstall. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FakeClusterInstallClusterDeploymentRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -61,7 +61,7 @@ pub struct FakeClusterInstallClusterMetadata { /// AdminKubeconfigSecretRef references the secret containing the admin kubeconfig for this cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FakeClusterInstallClusterMetadataAdminKubeconfigSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -69,7 +69,7 @@ pub struct FakeClusterInstallClusterMetadataAdminKubeconfigSecretRef { /// AdminPasswordSecretRef references the secret containing the admin username/password which can be used to login to this cluster. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FakeClusterInstallClusterMetadataAdminPasswordSecretRef { - /// Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid? + /// Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs b/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs index 7f2c9167d..6747d1f1e 100644 --- a/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs +++ b/kube-custom-resources-rs/src/jobset_x_k8s_io/v1alpha2/jobsets.rs @@ -268,6 +268,20 @@ pub struct JobSetReplicatedJobsTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ #[serde(default, skip_serializing_if = "Option::is_none")] pub completions: Option, + /// ManagedBy field indicates the controller that manages a Job. The k8s Job + /// controller reconciles jobs which don't have this field at all or the field + /// value is the reserved string `kubernetes.io/job-controller`, but skips + /// reconciling Jobs with a custom value for this field. + /// The value must be a valid domain-prefixed path (e.g. acme.io/foo) - + /// all characters before the first "/" must be a valid subdomain as defined + /// by RFC 1123. All characters trailing the first "/" must be valid HTTP Path + /// characters as defined by RFC 3986. The value cannot exceed 64 characters. + /// + /// + /// This field is alpha-level. The job controller accepts setting the field + /// when the feature gate JobManagedBy is enabled (disabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "managedBy")] + pub managed_by: Option, /// manualSelector controls generation of pod labels and pod selectors. /// Leave `manualSelector` unset unless you are certain what you are doing. /// When false or unset, the system pick labels unique to this job @@ -331,6 +345,17 @@ pub struct JobSetReplicatedJobsTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/#label-selectors #[serde(default, skip_serializing_if = "Option::is_none")] pub selector: Option, + /// successPolicy specifies the policy when the Job can be declared as succeeded. + /// If empty, the default behavior applies - the Job is declared as succeeded + /// only when the number of succeeded pods equals to the completions. + /// When the field is specified, it must be immutable and works only for the Indexed Jobs. + /// Once the Job meets the SuccessPolicy, the lingering pods are terminated. + /// + /// + /// This field is alpha-level. To use this field, you must enable the + /// `JobSuccessPolicy` feature gate (disabled by default). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "successPolicy")] + pub success_policy: Option, /// suspend specifies whether the Job controller should create Pods or not. If /// a Job is created with suspend set to true, no Pods are created by the Job /// controller. If a Job is suspended after creation (i.e. the flag goes from @@ -484,6 +509,57 @@ pub struct JobSetReplicatedJobsTemplateSpecSelectorMatchExpressions { pub values: Option>, } +/// successPolicy specifies the policy when the Job can be declared as succeeded. +/// If empty, the default behavior applies - the Job is declared as succeeded +/// only when the number of succeeded pods equals to the completions. +/// When the field is specified, it must be immutable and works only for the Indexed Jobs. +/// Once the Job meets the SuccessPolicy, the lingering pods are terminated. +/// +/// +/// This field is alpha-level. To use this field, you must enable the +/// `JobSuccessPolicy` feature gate (disabled by default). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobSetReplicatedJobsTemplateSpecSuccessPolicy { + /// rules represents the list of alternative rules for the declaring the Jobs + /// as successful before `.status.succeeded >= .spec.completions`. Once any of the rules are met, + /// the "SucceededCriteriaMet" condition is added, and the lingering pods are removed. + /// The terminal state for such a Job has the "Complete" condition. + /// Additionally, these rules are evaluated in order; Once the Job meets one of the rules, + /// other rules are ignored. At most 20 elements are allowed. + pub rules: Vec, +} + +/// SuccessPolicyRule describes rule for declaring a Job as succeeded. +/// Each rule must have at least one of the "succeededIndexes" or "succeededCount" specified. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobSetReplicatedJobsTemplateSpecSuccessPolicyRules { + /// succeededCount specifies the minimal required size of the actual set of the succeeded indexes + /// for the Job. When succeededCount is used along with succeededIndexes, the check is + /// constrained only to the set of indexes specified by succeededIndexes. + /// For example, given that succeededIndexes is "1-4", succeededCount is "3", + /// and completed indexes are "1", "3", and "5", the Job isn't declared as succeeded + /// because only "1" and "3" indexes are considered in that rules. + /// When this field is null, this doesn't default to any value and + /// is never evaluated at any time. + /// When specified it needs to be a positive integer. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "succeededCount")] + pub succeeded_count: Option, + /// succeededIndexes specifies the set of indexes + /// which need to be contained in the actual set of the succeeded indexes for the Job. + /// The list of indexes must be within 0 to ".spec.completions-1" and + /// must not contain duplicates. At least one element is required. + /// The indexes are represented as intervals separated by commas. + /// The intervals can be a decimal integer or a pair of decimal integers separated by a hyphen. + /// The number are listed in represented by the first and last element of the series, + /// separated by a hyphen. + /// For example, if the completed indexes are 1, 3, 4, 5 and 7, they are + /// represented as "1,3-5,7". + /// When this field is null, this field doesn't default to any value + /// and is never evaluated at any time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "succeededIndexes")] + pub succeeded_indexes: Option, +} + /// Describes the pod that will be created when executing a job. /// The only allowed template.spec.restartPolicy values are "Never" or "OnFailure". /// More info: https://kubernetes.io/docs/concepts/workloads/controllers/jobs-run-to-completion/ @@ -560,7 +636,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpec { #[serde(default, skip_serializing_if = "Option::is_none", rename = "ephemeralContainers")] pub ephemeral_containers: Option>, /// HostAliases is an optional list of hosts and IPs that will be injected into the pod's hosts - /// file if specified. This is only valid for non-hostNetwork pods. + /// file if specified. #[serde(default, skip_serializing_if = "Option::is_none", rename = "hostAliases")] pub host_aliases: Option>, /// Use the host's ipc namespace. @@ -633,6 +709,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpec { /// - spec.hostPID /// - spec.hostIPC /// - spec.hostUsers + /// - spec.securityContext.appArmorProfile /// - spec.securityContext.seLinuxOptions /// - spec.securityContext.seccompProfile /// - spec.securityContext.fsGroup @@ -642,6 +719,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpec { /// - spec.securityContext.runAsUser /// - spec.securityContext.runAsGroup /// - spec.securityContext.supplementalGroups + /// - spec.containers[*].securityContext.appArmorProfile /// - spec.containers[*].securityContext.seLinuxOptions /// - spec.containers[*].securityContext.seccompProfile /// - spec.containers[*].securityContext.capabilities @@ -724,16 +802,13 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpec { /// /// /// SchedulingGates can only be set at pod creation time, and be removed only afterwards. - /// - /// - /// This is a beta feature enabled by the PodSchedulingReadiness feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulingGates")] pub scheduling_gates: Option>, /// SecurityContext holds pod-level security attributes and common container settings. /// Optional: Defaults to empty. See type description for default values of each field. #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityContext")] pub security_context: Option, - /// DeprecatedServiceAccount is a depreciated alias for ServiceAccountName. + /// DeprecatedServiceAccount is a deprecated alias for ServiceAccountName. /// Deprecated: Use serviceAccountName instead. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccount")] pub service_account: Option, @@ -983,23 +1058,23 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecAffinityPodAffinityPrefer pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -1104,23 +1179,23 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecAffinityPodAffinityRequir pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -1256,23 +1331,23 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecAffinityPodAntiAffinityPr pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -1377,23 +1452,23 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecAffinityPodAntiAffinityRe pub label_selector: Option, /// MatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key in (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. - /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both matchLabelKeys and labelSelector. + /// Also, matchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] pub match_label_keys: Option>, /// MismatchLabelKeys is a set of pod label keys to select which pods will /// be taken into consideration. The keys are used to lookup values from the - /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// incoming pod labels, those key-value labels are merged with `labelSelector` as `key notin (value)` /// to select the group of existing pods which pods will be taken into consideration /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming /// pod labels will be ignored. The default value is empty. - /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. - /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. + /// Also, mismatchLabelKeys cannot be set when labelSelector isn't set. /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] pub mismatch_label_keys: Option>, @@ -1697,8 +1772,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersEnvValueFromCon /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -1738,8 +1817,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersEnvValueFromSec /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -1765,8 +1848,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -1778,8 +1865,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersEnvFromConfigMa #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -2330,6 +2421,11 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersSecurityContext /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2396,6 +2492,26 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersSecurityContext pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -2629,6 +2745,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersVolumeMounts { /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -2637,6 +2755,28 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecContainersVolumeMounts { /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -2877,8 +3017,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersEnvVal /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -2918,8 +3062,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersEnvVal /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -2945,8 +3093,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersEnvFro #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -2958,8 +3110,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersEnvFro #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -3501,6 +3657,11 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersSecuri /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3567,6 +3728,26 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersSecuri pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -3794,6 +3975,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersVolume /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -3802,6 +3985,28 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecEphemeralContainersVolume /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -3822,8 +4027,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecHostAliases { #[serde(default, skip_serializing_if = "Option::is_none")] pub hostnames: Option>, /// IP address of the host file entry. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub ip: Option, + pub ip: String, } /// LocalObjectReference contains enough information to let you locate the @@ -3831,8 +4035,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecHostAliases { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecImagePullSecrets { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -4050,8 +4258,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersEnvValueFro /// The key to select. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap or its key must be defined @@ -4091,8 +4303,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersEnvValueFro /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -4118,8 +4334,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersEnvFrom { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersEnvFromConfigMapRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the ConfigMap must be defined @@ -4131,8 +4351,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersEnvFromConf #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersEnvFromSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret must be defined @@ -4683,6 +4907,11 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersSecurityCon /// Note that this field cannot be set when spec.os.name is windows. #[serde(default, skip_serializing_if = "Option::is_none", rename = "allowPrivilegeEscalation")] pub allow_privilege_escalation: Option, + /// appArmorProfile is the AppArmor options to use by this container. If set, this profile + /// overrides the pod's appArmorProfile. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -4749,6 +4978,26 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersSecurityCon pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by this container. If set, this profile +/// overrides the pod's appArmorProfile. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The capabilities to add/drop when running containers. /// Defaults to the default set of capabilities granted by the container runtime. /// Note that this field cannot be set when spec.os.name is windows. @@ -4982,6 +5231,8 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersVolumeMount /// to container and the other way around. /// When not set, MountPropagationNone is used. /// This field is beta in 1.10. + /// When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified + /// (which defaults to None). #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountPropagation")] pub mount_propagation: Option, /// This must match the Name of a Volume. @@ -4990,6 +5241,28 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersVolumeMount /// Defaults to false. #[serde(default, skip_serializing_if = "Option::is_none", rename = "readOnly")] pub read_only: Option, + /// RecursiveReadOnly specifies whether read-only mounts should be handled + /// recursively. + /// + /// + /// If ReadOnly is false, this field has no meaning and must be unspecified. + /// + /// + /// If ReadOnly is true, and this field is set to Disabled, the mount is not made + /// recursively read-only. If this field is set to IfPossible, the mount is made + /// recursively read-only, if it is supported by the container runtime. If this + /// field is set to Enabled, the mount is made recursively read-only if it is + /// supported by the container runtime, otherwise the pod will not be started and + /// an error will be generated to indicate the reason. + /// + /// + /// If this field is set to IfPossible or Enabled, MountPropagation must be set to + /// None (or be unspecified, which defaults to None). + /// + /// + /// If this field is not specified, it is treated as an equivalent of Disabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "recursiveReadOnly")] + pub recursive_read_only: Option, /// Path within the volume from which the container's volume should be mounted. /// Defaults to "" (volume's root). #[serde(default, skip_serializing_if = "Option::is_none", rename = "subPath")] @@ -5014,6 +5287,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersVolumeMount /// - spec.hostPID /// - spec.hostIPC /// - spec.hostUsers +/// - spec.securityContext.appArmorProfile /// - spec.securityContext.seLinuxOptions /// - spec.securityContext.seccompProfile /// - spec.securityContext.fsGroup @@ -5023,6 +5297,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecInitContainersVolumeMount /// - spec.securityContext.runAsUser /// - spec.securityContext.runAsGroup /// - spec.securityContext.supplementalGroups +/// - spec.containers[*].securityContext.appArmorProfile /// - spec.containers[*].securityContext.seLinuxOptions /// - spec.containers[*].securityContext.seccompProfile /// - spec.containers[*].securityContext.capabilities @@ -5099,6 +5374,10 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecSchedulingGates { /// Optional: Defaults to empty. See type description for default values of each field. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecSecurityContext { + /// appArmorProfile is the AppArmor options to use by the containers in this pod. + /// Note that this field cannot be set when spec.os.name is windows. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "appArmorProfile")] + pub app_armor_profile: Option, /// A special supplemental group that applies to all containers in a pod. /// Some volume types allow the Kubelet to change the ownership of that volume /// to be owned by the pod: @@ -5180,6 +5459,25 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecSecurityContext { pub windows_options: Option, } +/// appArmorProfile is the AppArmor options to use by the containers in this pod. +/// Note that this field cannot be set when spec.os.name is windows. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecSecurityContextAppArmorProfile { + /// localhostProfile indicates a profile loaded on the node that should be used. + /// The profile must be preconfigured on the node to work. + /// Must match the loaded name of the profile. + /// Must be set if and only if type is "Localhost". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "localhostProfile")] + pub localhost_profile: Option, + /// type indicates which kind of AppArmor profile will be applied. + /// Valid options are: + /// Localhost - a profile pre-loaded on the node. + /// RuntimeDefault - the container runtime's default profile. + /// Unconfined - no AppArmor enforcement. + #[serde(rename = "type")] + pub r#type: String, +} + /// The SELinux context to be applied to all containers. /// If unspecified, the container runtime will allocate a random SELinux context for each /// container. May also be set in SecurityContext. If set in @@ -5350,9 +5648,6 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecTopologySpreadConstraints /// In this situation, new pod with the same labelSelector cannot be scheduled, /// because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, /// it will violate MaxSkew. - /// - /// - /// This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default). #[serde(default, skip_serializing_if = "Option::is_none", rename = "minDomains")] pub min_domains: Option, /// NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector @@ -5692,8 +5987,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesCephfs { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesCephfsSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5728,8 +6027,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesCinder { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesCinderSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5756,8 +6059,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesConfigMap { #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -5821,8 +6128,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesCsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesCsiNodePublishSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -5848,7 +6159,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesDownwardApi { /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -5867,7 +6178,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesDownwardApiItems { pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -6094,7 +6405,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesEphemeralVolumeCla /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource /// exists. - /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] pub volume_attributes_class_name: Option, @@ -6278,8 +6589,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesFlexVolume { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesFlexVolumeSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6435,8 +6750,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesIscsi { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesIscsiSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6644,8 +6963,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesProjectedSourcesCo #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional specify whether the ConfigMap or its keys must be defined @@ -6684,7 +7007,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesProjectedSourcesDo /// DownwardAPIVolumeFile represents information to create the file containing the pod field #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesProjectedSourcesDownwardApiItems { - /// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. + /// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[serde(default, skip_serializing_if = "Option::is_none", rename = "fieldRef")] pub field_ref: Option, /// Optional: mode bits used to set permissions on this file, must be an octal value @@ -6703,7 +7026,7 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesProjectedSourcesDo pub resource_field_ref: Option, } -/// Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. +/// Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesProjectedSourcesDownwardApiItemsFieldRef { /// Version of the schema the FieldPath is written in terms of, defaults to "v1". @@ -6741,8 +7064,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesProjectedSourcesSe #[serde(default, skip_serializing_if = "Option::is_none")] pub items: Option>, /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// optional field specify whether the Secret or its key must be defined @@ -6871,8 +7198,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesRbd { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesRbdSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -6922,8 +7253,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesScaleIo { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesScaleIoSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } @@ -7014,8 +7349,12 @@ pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesStorageos { #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct JobSetReplicatedJobsTemplateSpecTemplateSpecVolumesStorageosSecretRef { /// Name of the referent. - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, } diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs index 9f5631505..1c3f97a0d 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/mariadbs.rs @@ -154,7 +154,8 @@ pub struct MariaDBSpec { /// Storage defines the storage options to be used for provisioning the PVCs mounted by MariaDB. #[serde(default, skip_serializing_if = "Option::is_none")] pub storage: Option, - /// Suspend defines whether the MariaDB reconciliation loop is enabled. This can be useful for maintenance, as disabling the reconciliation loop prevents the operator from interfering with user operations during maintenance activities. + /// Suspend indicates whether the current resource should be suspended or not. + /// This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. #[serde(default, skip_serializing_if = "Option::is_none")] pub suspend: Option, /// TimeZone sets the default timezone. If not provided, it defaults to SYSTEM and the timezone data is not loaded. @@ -12792,7 +12793,8 @@ pub struct MariaDBMaxScaleMonitor { /// https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-monitor/#configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub params: Option>, - /// Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this. + /// Suspend indicates whether the current resource should be suspended or not. + /// This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. #[serde(default, skip_serializing_if = "Option::is_none")] pub suspend: Option, } @@ -12834,7 +12836,8 @@ pub struct MariaDBMaxScaleServices { pub params: Option>, /// Router is the type of router to use. pub router: MariaDBMaxScaleServicesRouter, - /// Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this. + /// Suspend indicates whether the current resource should be suspended or not. + /// This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. #[serde(default, skip_serializing_if = "Option::is_none")] pub suspend: Option, } @@ -12856,7 +12859,8 @@ pub struct MariaDBMaxScaleServicesListener { /// Protocol is the MaxScale protocol to use when communicating with the client. If not provided, it defaults to MariaDBProtocol. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this. + /// Suspend indicates whether the current resource should be suspended or not. + /// This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. #[serde(default, skip_serializing_if = "Option::is_none")] pub suspend: Option, } diff --git a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs index 1be8dfbb6..58435d09a 100644 --- a/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs +++ b/kube-custom-resources-rs/src/k8s_mariadb_com/v1alpha1/maxscales.rs @@ -124,6 +124,10 @@ pub struct MaxScaleSpec { /// SidecarContainers to be used in the Pod. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sidecarContainers")] pub sidecar_containers: Option>, + /// Suspend indicates whether the current resource should be suspended or not. + /// This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub suspend: Option, /// Tolerations to be used in the Pod. #[serde(default, skip_serializing_if = "Option::is_none")] pub tolerations: Option>, @@ -7506,7 +7510,8 @@ pub struct MaxScaleMonitor { /// https://mariadb.com/kb/en/mariadb-maxscale-2308-mariadb-monitor/#configuration. #[serde(default, skip_serializing_if = "Option::is_none")] pub params: Option>, - /// Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this. + /// Suspend indicates whether the current resource should be suspended or not. + /// This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. #[serde(default, skip_serializing_if = "Option::is_none")] pub suspend: Option, } @@ -8113,7 +8118,8 @@ pub struct MaxScaleServices { pub params: Option>, /// Router is the type of router to use. pub router: MaxScaleServicesRouter, - /// Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this. + /// Suspend indicates whether the current resource should be suspended or not. + /// This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. #[serde(default, skip_serializing_if = "Option::is_none")] pub suspend: Option, } @@ -8135,7 +8141,8 @@ pub struct MaxScaleServicesListener { /// Protocol is the MaxScale protocol to use when communicating with the client. If not provided, it defaults to MariaDBProtocol. #[serde(default, skip_serializing_if = "Option::is_none")] pub protocol: Option, - /// Suspend indicates whether the current resource should be suspended or not. Feature flag --feature-maxscale-suspend is required in the controller to enable this. + /// Suspend indicates whether the current resource should be suspended or not. + /// This can be useful for maintenance, as disabling the reconciliation prevents the operator from interfering with user operations during maintenance activities. #[serde(default, skip_serializing_if = "Option::is_none")] pub suspend: Option, } diff --git a/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs b/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs index 00a3ef688..202993a45 100644 --- a/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs +++ b/kube-custom-resources-rs/src/k8s_nginx_org/v1/policies.rs @@ -152,8 +152,12 @@ pub struct PolicyOidc { pub client_id: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "clientSecret")] pub client_secret: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endSessionEndpoint")] + pub end_session_endpoint: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "jwksURI")] pub jwks_uri: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "postLogoutRedirectURI")] + pub post_logout_redirect_uri: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "redirectURI")] pub redirect_uri: Option, #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs b/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs index 1f6da5d00..c3174d885 100644 --- a/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs +++ b/kube-custom-resources-rs/src/kafka_services_k8s_aws/v1alpha1/clusters.rs @@ -88,6 +88,8 @@ pub struct ClusterAssociatedScramSecretRefs { pub struct ClusterAssociatedScramSecretRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Information about the brokers. diff --git a/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs b/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs index 07592ca7b..be7fd1135 100644 --- a/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs +++ b/kube-custom-resources-rs/src/karpenter_sh/v1/nodepools.rs @@ -106,7 +106,9 @@ pub enum NodePoolDisruptionConsolidationPolicy { pub struct NodePoolTemplate { #[serde(default, skip_serializing_if = "Option::is_none")] pub metadata: Option, - /// NodeClaimSpec describes the desired state of the NodeClaim + /// NodeClaimTemplateSpec describes the desired state of the NodeClaim in the Nodepool + /// NodeClaimTemplateSpec is used in the NodePool's NodeClaimTemplate, with the resource requests omitted since + /// users are not able to set resource requests in the NodePool. pub spec: NodePoolTemplateSpec, } @@ -126,7 +128,9 @@ pub struct NodePoolTemplateMetadata { pub labels: Option>, } -/// NodeClaimSpec describes the desired state of the NodeClaim +/// NodeClaimTemplateSpec describes the desired state of the NodeClaim in the Nodepool +/// NodeClaimTemplateSpec is used in the NodePool's NodeClaimTemplate, with the resource requests omitted since +/// users are not able to set resource requests in the NodePool. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct NodePoolTemplateSpec { /// ExpireAfter is the duration the controller will wait diff --git a/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs b/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs index 72f35bd2d..151d8442c 100644 --- a/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs +++ b/kube-custom-resources-rs/src/karpenter_sh/v1beta1/nodepools.rs @@ -86,11 +86,6 @@ pub struct NodePoolDisruptionBudgets { /// checking for int nodes for IntOrString nodes. /// Ref: https://github.com/kubernetes-sigs/controller-tools/blob/55efe4be40394a288216dab63156b0a64fb82929/pkg/crd/markers/validation.go#L379-L388 pub nodes: String, - /// Reasons is a list of disruption methods that this budget applies to. If Reasons is not set, this budget applies to all methods. - /// Otherwise, this will apply to each reason defined. - /// allowed reasons are Underutilized, Empty, and Drifted. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub reasons: Option>, /// Schedule specifies when a budget begins being active, following /// the upstream cronjob syntax. If omitted, the budget is always active. /// Timezones are not supported. diff --git a/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/aliases.rs b/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/aliases.rs index 9a7082c37..731b22f62 100644 --- a/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/aliases.rs +++ b/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/aliases.rs @@ -89,6 +89,8 @@ pub struct AliasTargetKeyRef { pub struct AliasTargetKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AliasStatus defines the observed state of Alias diff --git a/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/grants.rs b/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/grants.rs index edd206b8d..88314d9ac 100644 --- a/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/grants.rs +++ b/kube-custom-resources-rs/src/kms_services_k8s_aws/v1alpha1/grants.rs @@ -216,6 +216,8 @@ pub struct GrantKeyRef { pub struct GrantKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// GrantStatus defines the observed state of Grant diff --git a/kube-custom-resources-rs/src/kyverno_io/v1/clusterpolicies.rs b/kube-custom-resources-rs/src/kyverno_io/v1/clusterpolicies.rs index a4543cbce..75e7afc32 100644 --- a/kube-custom-resources-rs/src/kyverno_io/v1/clusterpolicies.rs +++ b/kube-custom-resources-rs/src/kyverno_io/v1/clusterpolicies.rs @@ -1939,9 +1939,9 @@ pub struct ClusterPolicyRulesValidate { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurity")] pub pod_security: Option, /// ValidationFailureAction defines if a validation policy rule violation should block - /// the admission review request (enforce), or allow (audit) the admission review request + /// the admission review request (Enforce), or allow (Audit) the admission review request /// and report an error in a policy report. Optional. - /// Allowed values are audit or enforce. + /// Allowed values are Audit or Enforce. #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] pub validation_failure_action: Option, /// ValidationFailureActionOverrides is a Cluster Policy attribute that specifies ValidationFailureAction @@ -2936,14 +2936,8 @@ pub enum ClusterPolicyRulesValidatePodSecurityVersion { /// Validation is used to validate matching resources. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterPolicyRulesValidateValidationFailureAction { - #[serde(rename = "audit")] Audit, - #[serde(rename = "enforce")] Enforce, - #[serde(rename = "Audit")] - AuditX, - #[serde(rename = "Enforce")] - EnforceX, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -3076,6 +3070,9 @@ pub struct ClusterPolicyRulesVerifyImages { /// UseCache enables caching of image verify responses for this rule. #[serde(default, skip_serializing_if = "Option::is_none", rename = "useCache")] pub use_cache: Option, + /// Allowed values are Audit or Enforce. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] + pub validation_failure_action: Option, /// VerifyDigest validates that images have a digest. #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyDigest")] pub verify_digest: Option, @@ -3687,6 +3684,15 @@ pub enum ClusterPolicyRulesVerifyImagesType { Notary, } +/// ImageVerification validates that images that match the specified pattern +/// are signed with the supplied public key. Once the image is verified it is +/// mutated to include the SHA digest retrieved during the registration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterPolicyRulesVerifyImagesValidationFailureAction { + Audit, + Enforce, +} + /// Spec declares policy behaviors. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterPolicyValidationFailureAction { @@ -5697,9 +5703,9 @@ pub struct ClusterPolicyStatusAutogenRulesValidate { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurity")] pub pod_security: Option, /// ValidationFailureAction defines if a validation policy rule violation should block - /// the admission review request (enforce), or allow (audit) the admission review request + /// the admission review request (Enforce), or allow (Audit) the admission review request /// and report an error in a policy report. Optional. - /// Allowed values are audit or enforce. + /// Allowed values are Audit or Enforce. #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] pub validation_failure_action: Option, /// ValidationFailureActionOverrides is a Cluster Policy attribute that specifies ValidationFailureAction @@ -6694,14 +6700,8 @@ pub enum ClusterPolicyStatusAutogenRulesValidatePodSecurityVersion { /// Validation is used to validate matching resources. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterPolicyStatusAutogenRulesValidateValidationFailureAction { - #[serde(rename = "audit")] Audit, - #[serde(rename = "enforce")] Enforce, - #[serde(rename = "Audit")] - AuditX, - #[serde(rename = "Enforce")] - EnforceX, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -6834,6 +6834,9 @@ pub struct ClusterPolicyStatusAutogenRulesVerifyImages { /// UseCache enables caching of image verify responses for this rule. #[serde(default, skip_serializing_if = "Option::is_none", rename = "useCache")] pub use_cache: Option, + /// Allowed values are Audit or Enforce. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] + pub validation_failure_action: Option, /// VerifyDigest validates that images have a digest. #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyDigest")] pub verify_digest: Option, @@ -7445,6 +7448,15 @@ pub enum ClusterPolicyStatusAutogenRulesVerifyImagesType { Notary, } +/// ImageVerification validates that images that match the specified pattern +/// are signed with the supplied public key. Once the image is verified it is +/// mutated to include the SHA digest retrieved during the registration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterPolicyStatusAutogenRulesVerifyImagesValidationFailureAction { + Audit, + Enforce, +} + /// RuleCountStatus contains four variables which describes counts for /// validate, generate, mutate and verify images rules #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/kyverno_io/v1/policies.rs b/kube-custom-resources-rs/src/kyverno_io/v1/policies.rs index 4ffb04312..c696c664e 100644 --- a/kube-custom-resources-rs/src/kyverno_io/v1/policies.rs +++ b/kube-custom-resources-rs/src/kyverno_io/v1/policies.rs @@ -1940,9 +1940,9 @@ pub struct PolicyRulesValidate { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurity")] pub pod_security: Option, /// ValidationFailureAction defines if a validation policy rule violation should block - /// the admission review request (enforce), or allow (audit) the admission review request + /// the admission review request (Enforce), or allow (Audit) the admission review request /// and report an error in a policy report. Optional. - /// Allowed values are audit or enforce. + /// Allowed values are Audit or Enforce. #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] pub validation_failure_action: Option, /// ValidationFailureActionOverrides is a Cluster Policy attribute that specifies ValidationFailureAction @@ -2937,14 +2937,8 @@ pub enum PolicyRulesValidatePodSecurityVersion { /// Validation is used to validate matching resources. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum PolicyRulesValidateValidationFailureAction { - #[serde(rename = "audit")] Audit, - #[serde(rename = "enforce")] Enforce, - #[serde(rename = "Audit")] - AuditX, - #[serde(rename = "Enforce")] - EnforceX, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -3077,6 +3071,9 @@ pub struct PolicyRulesVerifyImages { /// UseCache enables caching of image verify responses for this rule. #[serde(default, skip_serializing_if = "Option::is_none", rename = "useCache")] pub use_cache: Option, + /// Allowed values are Audit or Enforce. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] + pub validation_failure_action: Option, /// VerifyDigest validates that images have a digest. #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyDigest")] pub verify_digest: Option, @@ -3688,6 +3685,15 @@ pub enum PolicyRulesVerifyImagesType { Notary, } +/// ImageVerification validates that images that match the specified pattern +/// are signed with the supplied public key. Once the image is verified it is +/// mutated to include the SHA digest retrieved during the registration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PolicyRulesVerifyImagesValidationFailureAction { + Audit, + Enforce, +} + /// Spec defines policy behaviors and contains one or more rules. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum PolicyValidationFailureAction { @@ -5698,9 +5704,9 @@ pub struct PolicyStatusAutogenRulesValidate { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurity")] pub pod_security: Option, /// ValidationFailureAction defines if a validation policy rule violation should block - /// the admission review request (enforce), or allow (audit) the admission review request + /// the admission review request (Enforce), or allow (Audit) the admission review request /// and report an error in a policy report. Optional. - /// Allowed values are audit or enforce. + /// Allowed values are Audit or Enforce. #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] pub validation_failure_action: Option, /// ValidationFailureActionOverrides is a Cluster Policy attribute that specifies ValidationFailureAction @@ -6695,14 +6701,8 @@ pub enum PolicyStatusAutogenRulesValidatePodSecurityVersion { /// Validation is used to validate matching resources. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum PolicyStatusAutogenRulesValidateValidationFailureAction { - #[serde(rename = "audit")] Audit, - #[serde(rename = "enforce")] Enforce, - #[serde(rename = "Audit")] - AuditX, - #[serde(rename = "Enforce")] - EnforceX, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -6835,6 +6835,9 @@ pub struct PolicyStatusAutogenRulesVerifyImages { /// UseCache enables caching of image verify responses for this rule. #[serde(default, skip_serializing_if = "Option::is_none", rename = "useCache")] pub use_cache: Option, + /// Allowed values are Audit or Enforce. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] + pub validation_failure_action: Option, /// VerifyDigest validates that images have a digest. #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyDigest")] pub verify_digest: Option, @@ -7446,6 +7449,15 @@ pub enum PolicyStatusAutogenRulesVerifyImagesType { Notary, } +/// ImageVerification validates that images that match the specified pattern +/// are signed with the supplied public key. Once the image is verified it is +/// mutated to include the SHA digest retrieved during the registration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PolicyStatusAutogenRulesVerifyImagesValidationFailureAction { + Audit, + Enforce, +} + /// RuleCountStatus contains four variables which describes counts for /// validate, generate, mutate and verify images rules #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/kyverno_io/v2beta1/clusterpolicies.rs b/kube-custom-resources-rs/src/kyverno_io/v2beta1/clusterpolicies.rs index 9cff2e37b..31be7ac81 100644 --- a/kube-custom-resources-rs/src/kyverno_io/v2beta1/clusterpolicies.rs +++ b/kube-custom-resources-rs/src/kyverno_io/v2beta1/clusterpolicies.rs @@ -1738,9 +1738,9 @@ pub struct ClusterPolicyRulesValidate { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurity")] pub pod_security: Option, /// ValidationFailureAction defines if a validation policy rule violation should block - /// the admission review request (enforce), or allow (audit) the admission review request + /// the admission review request (Enforce), or allow (Audit) the admission review request /// and report an error in a policy report. Optional. - /// Allowed values are audit or enforce. + /// Allowed values are Audit or Enforce. #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] pub validation_failure_action: Option, /// ValidationFailureActionOverrides is a Cluster Policy attribute that specifies ValidationFailureAction @@ -2827,14 +2827,8 @@ pub enum ClusterPolicyRulesValidatePodSecurityVersion { /// Validation is used to validate matching resources. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterPolicyRulesValidateValidationFailureAction { - #[serde(rename = "audit")] Audit, - #[serde(rename = "enforce")] Enforce, - #[serde(rename = "Audit")] - AuditX, - #[serde(rename = "Enforce")] - EnforceX, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2942,6 +2936,9 @@ pub struct ClusterPolicyRulesVerifyImages { /// UseCache enables caching of image verify responses for this rule #[serde(default, skip_serializing_if = "Option::is_none", rename = "useCache")] pub use_cache: Option, + /// Allowed values are Audit or Enforce. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] + pub validation_failure_action: Option, /// VerifyDigest validates that images have a digest. #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyDigest")] pub verify_digest: Option, @@ -3553,6 +3550,15 @@ pub enum ClusterPolicyRulesVerifyImagesType { Notary, } +/// ImageVerification validates that images that match the specified pattern +/// are signed with the supplied public key. Once the image is verified it is +/// mutated to include the SHA digest retrieved during the registration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterPolicyRulesVerifyImagesValidationFailureAction { + Audit, + Enforce, +} + /// Spec declares policy behaviors. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterPolicyValidationFailureAction { @@ -5563,9 +5569,9 @@ pub struct ClusterPolicyStatusAutogenRulesValidate { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurity")] pub pod_security: Option, /// ValidationFailureAction defines if a validation policy rule violation should block - /// the admission review request (enforce), or allow (audit) the admission review request + /// the admission review request (Enforce), or allow (Audit) the admission review request /// and report an error in a policy report. Optional. - /// Allowed values are audit or enforce. + /// Allowed values are Audit or Enforce. #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] pub validation_failure_action: Option, /// ValidationFailureActionOverrides is a Cluster Policy attribute that specifies ValidationFailureAction @@ -6560,14 +6566,8 @@ pub enum ClusterPolicyStatusAutogenRulesValidatePodSecurityVersion { /// Validation is used to validate matching resources. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ClusterPolicyStatusAutogenRulesValidateValidationFailureAction { - #[serde(rename = "audit")] Audit, - #[serde(rename = "enforce")] Enforce, - #[serde(rename = "Audit")] - AuditX, - #[serde(rename = "Enforce")] - EnforceX, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -6700,6 +6700,9 @@ pub struct ClusterPolicyStatusAutogenRulesVerifyImages { /// UseCache enables caching of image verify responses for this rule. #[serde(default, skip_serializing_if = "Option::is_none", rename = "useCache")] pub use_cache: Option, + /// Allowed values are Audit or Enforce. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] + pub validation_failure_action: Option, /// VerifyDigest validates that images have a digest. #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyDigest")] pub verify_digest: Option, @@ -7311,6 +7314,15 @@ pub enum ClusterPolicyStatusAutogenRulesVerifyImagesType { Notary, } +/// ImageVerification validates that images that match the specified pattern +/// are signed with the supplied public key. Once the image is verified it is +/// mutated to include the SHA digest retrieved during the registration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterPolicyStatusAutogenRulesVerifyImagesValidationFailureAction { + Audit, + Enforce, +} + /// RuleCountStatus contains four variables which describes counts for /// validate, generate, mutate and verify images rules #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/kyverno_io/v2beta1/policies.rs b/kube-custom-resources-rs/src/kyverno_io/v2beta1/policies.rs index 00998e101..e2427c0fd 100644 --- a/kube-custom-resources-rs/src/kyverno_io/v2beta1/policies.rs +++ b/kube-custom-resources-rs/src/kyverno_io/v2beta1/policies.rs @@ -1739,9 +1739,9 @@ pub struct PolicyRulesValidate { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurity")] pub pod_security: Option, /// ValidationFailureAction defines if a validation policy rule violation should block - /// the admission review request (enforce), or allow (audit) the admission review request + /// the admission review request (Enforce), or allow (Audit) the admission review request /// and report an error in a policy report. Optional. - /// Allowed values are audit or enforce. + /// Allowed values are Audit or Enforce. #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] pub validation_failure_action: Option, /// ValidationFailureActionOverrides is a Cluster Policy attribute that specifies ValidationFailureAction @@ -2828,14 +2828,8 @@ pub enum PolicyRulesValidatePodSecurityVersion { /// Validation is used to validate matching resources. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum PolicyRulesValidateValidationFailureAction { - #[serde(rename = "audit")] Audit, - #[serde(rename = "enforce")] Enforce, - #[serde(rename = "Audit")] - AuditX, - #[serde(rename = "Enforce")] - EnforceX, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2943,6 +2937,9 @@ pub struct PolicyRulesVerifyImages { /// UseCache enables caching of image verify responses for this rule #[serde(default, skip_serializing_if = "Option::is_none", rename = "useCache")] pub use_cache: Option, + /// Allowed values are Audit or Enforce. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] + pub validation_failure_action: Option, /// VerifyDigest validates that images have a digest. #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyDigest")] pub verify_digest: Option, @@ -3554,6 +3551,15 @@ pub enum PolicyRulesVerifyImagesType { Notary, } +/// ImageVerification validates that images that match the specified pattern +/// are signed with the supplied public key. Once the image is verified it is +/// mutated to include the SHA digest retrieved during the registration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PolicyRulesVerifyImagesValidationFailureAction { + Audit, + Enforce, +} + /// Spec defines policy behaviors and contains one or more rules. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum PolicyValidationFailureAction { @@ -5564,9 +5570,9 @@ pub struct PolicyStatusAutogenRulesValidate { #[serde(default, skip_serializing_if = "Option::is_none", rename = "podSecurity")] pub pod_security: Option, /// ValidationFailureAction defines if a validation policy rule violation should block - /// the admission review request (enforce), or allow (audit) the admission review request + /// the admission review request (Enforce), or allow (Audit) the admission review request /// and report an error in a policy report. Optional. - /// Allowed values are audit or enforce. + /// Allowed values are Audit or Enforce. #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] pub validation_failure_action: Option, /// ValidationFailureActionOverrides is a Cluster Policy attribute that specifies ValidationFailureAction @@ -6561,14 +6567,8 @@ pub enum PolicyStatusAutogenRulesValidatePodSecurityVersion { /// Validation is used to validate matching resources. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum PolicyStatusAutogenRulesValidateValidationFailureAction { - #[serde(rename = "audit")] Audit, - #[serde(rename = "enforce")] Enforce, - #[serde(rename = "Audit")] - AuditX, - #[serde(rename = "Enforce")] - EnforceX, } #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -6701,6 +6701,9 @@ pub struct PolicyStatusAutogenRulesVerifyImages { /// UseCache enables caching of image verify responses for this rule. #[serde(default, skip_serializing_if = "Option::is_none", rename = "useCache")] pub use_cache: Option, + /// Allowed values are Audit or Enforce. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "validationFailureAction")] + pub validation_failure_action: Option, /// VerifyDigest validates that images have a digest. #[serde(default, skip_serializing_if = "Option::is_none", rename = "verifyDigest")] pub verify_digest: Option, @@ -7312,6 +7315,15 @@ pub enum PolicyStatusAutogenRulesVerifyImagesType { Notary, } +/// ImageVerification validates that images that match the specified pattern +/// are signed with the supplied public key. Once the image is verified it is +/// mutated to include the SHA digest retrieved during the registration. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PolicyStatusAutogenRulesVerifyImagesValidationFailureAction { + Audit, + Enforce, +} + /// RuleCountStatus contains four variables which describes counts for /// validate, generate, mutate and verify images rules #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs index 43cec0909..5ed3a8c71 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngclusteroutputs.rs @@ -43,6 +43,8 @@ pub struct SyslogNGClusterOutputSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub openobserve: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub opentelemetry: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub redis: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub s3: Option, @@ -2067,6 +2069,197 @@ pub enum SyslogNGClusterOutputOpenobserveTlsSslVersion { Tlsv13, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetry { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub auth: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-bytes")] + pub batch_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-lines")] + pub batch_lines: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-timeout")] + pub batch_timeout: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub channel_args: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub compression: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disk_buffer: Option, + pub url: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuth { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub adc: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub alts: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub insecure: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthAdc { +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthAlts { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "target-service-accounts")] + pub target_service_accounts: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthInsecure { +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTls { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca_file: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert_file: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key_file: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsCaFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsCaFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsCaFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsCaFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsCaFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsCertFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsCertFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsCertFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsCertFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsCertFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsKeyFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsKeyFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsKeyFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsKeyFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryAuthTlsKeyFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGClusterOutputOpentelemetryDiskBuffer { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub compaction: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dir: Option, + pub disk_buf_size: i64, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mem_buf_length: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mem_buf_size: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub q_out_size: Option, + pub reliable: bool, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SyslogNGClusterOutputRedis { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngoutputs.rs b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngoutputs.rs index 139195cd6..10764b9e3 100644 --- a/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngoutputs.rs +++ b/kube-custom-resources-rs/src/logging_banzaicloud_io/v1beta1/syslogngoutputs.rs @@ -41,6 +41,8 @@ pub struct SyslogNGOutputSpec { #[serde(default, skip_serializing_if = "Option::is_none")] pub openobserve: Option, #[serde(default, skip_serializing_if = "Option::is_none")] + pub opentelemetry: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] pub redis: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub s3: Option, @@ -2065,6 +2067,197 @@ pub enum SyslogNGOutputOpenobserveTlsSslVersion { Tlsv13, } +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetry { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub auth: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-bytes")] + pub batch_bytes: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-lines")] + pub batch_lines: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "batch-timeout")] + pub batch_timeout: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub channel_args: Option>, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub compression: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub disk_buffer: Option, + pub url: String, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuth { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub adc: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub alts: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub insecure: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub tls: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthAdc { +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthAlts { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "target-service-accounts")] + pub target_service_accounts: Option>, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthInsecure { +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTls { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca_file: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert_file: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub key_file: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsCaFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsCaFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsCaFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsCaFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsCaFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsCertFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsCertFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsCertFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsCertFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsCertFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsKeyFile { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mountFrom")] + pub mount_from: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueFrom")] + pub value_from: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsKeyFileMountFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsKeyFileMountFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsKeyFileValueFrom { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKeyRef")] + pub secret_key_ref: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryAuthTlsKeyFileValueFromSecretKeyRef { + pub key: String, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct SyslogNGOutputOpentelemetryDiskBuffer { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub compaction: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dir: Option, + pub disk_buf_size: i64, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mem_buf_length: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub mem_buf_size: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub q_out_size: Option, + pub reliable: bool, +} + #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct SyslogNGOutputRedis { #[serde(default, skip_serializing_if = "Option::is_none")] diff --git a/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/acls.rs b/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/acls.rs index d8b35fb46..939edacaa 100644 --- a/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/acls.rs +++ b/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/acls.rs @@ -72,6 +72,8 @@ pub struct ACLUserRefs { pub struct ACLUserRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// ACLStatus defines the observed state of ACL diff --git a/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/clusters.rs b/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/clusters.rs index e286a5e2c..20c1dbe6d 100644 --- a/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/clusters.rs +++ b/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/clusters.rs @@ -181,6 +181,8 @@ pub struct ClusterAclRef { pub struct ClusterAclRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -205,6 +207,8 @@ pub struct ClusterParameterGroupRef { pub struct ClusterParameterGroupRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -229,6 +233,8 @@ pub struct ClusterSecurityGroupRefs { pub struct ClusterSecurityGroupRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -253,6 +259,8 @@ pub struct ClusterSnapshotRef { pub struct ClusterSnapshotRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -277,6 +285,8 @@ pub struct ClusterSnsTopicRef { pub struct ClusterSnsTopicRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -301,6 +311,8 @@ pub struct ClusterSubnetGroupRef { pub struct ClusterSubnetGroupRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// A tag that can be added to an MemoryDB resource. Tags are composed of a Key/Value diff --git a/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/snapshots.rs b/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/snapshots.rs index 68bb695cf..198b8c671 100644 --- a/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/snapshots.rs +++ b/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/snapshots.rs @@ -82,6 +82,8 @@ pub struct SnapshotClusterRef { pub struct SnapshotClusterRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -106,6 +108,8 @@ pub struct SnapshotKmsKeyRef { pub struct SnapshotKmsKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// A tag that can be added to an MemoryDB resource. Tags are composed of a Key/Value diff --git a/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/subnetgroups.rs b/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/subnetgroups.rs index 1167020aa..13e8fc18e 100644 --- a/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/subnetgroups.rs +++ b/kube-custom-resources-rs/src/memorydb_services_k8s_aws/v1alpha1/subnetgroups.rs @@ -71,6 +71,8 @@ pub struct SubnetGroupSubnetRefs { pub struct SubnetGroupSubnetRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// A tag that can be added to an MemoryDB resource. Tags are composed of a Key/Value diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/alertmanagers.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/alertmanagers.rs index a12b5d89c..8bc87f700 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/alertmanagers.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/alertmanagers.rs @@ -1262,9 +1262,41 @@ pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -1340,6 +1372,203 @@ pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2ClientSecr pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerAlertmanagerConfigurationGlobalHttpConfigOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerAlertmanagerConfigurationGlobalHttpConfigTlsConfig { @@ -7281,6 +7510,9 @@ pub struct AlertmanagerStatus { /// Total number of non-terminated pods targeted by this Alertmanager /// object (their labels match the selector). pub replicas: i32, + /// The selector used to match the pods targeted by this Alertmanager object. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub selector: Option, /// Total number of unavailable pods targeted by this Alertmanager object. #[serde(rename = "unavailableReplicas")] pub unavailable_replicas: i32, diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs index dfb92f4dd..189de6a53 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/podmonitors.rs @@ -519,9 +519,41 @@ pub struct PodMonitorPodMetricsEndpointsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -597,6 +629,203 @@ pub struct PodMonitorPodMetricsEndpointsOauth2ClientSecret { pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodMonitorPodMetricsEndpointsOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodMonitorPodMetricsEndpointsOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodMonitorPodMetricsEndpointsOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodMonitorPodMetricsEndpointsOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodMonitorPodMetricsEndpointsOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodMonitorPodMetricsEndpointsOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodMonitorPodMetricsEndpointsOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodMonitorPodMetricsEndpointsOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PodMonitorPodMetricsEndpointsOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PodMonitorPodMetricsEndpointsOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PodMonitorPodMetricsEndpointsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, /// scraped samples and remote write samples. /// diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/probes.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/probes.rs index d9ef71151..484baa590 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/probes.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/probes.rs @@ -328,9 +328,41 @@ pub struct ProbeOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -406,6 +438,203 @@ pub struct ProbeOauth2ClientSecret { pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProbeOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProbeOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProbeOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProbeOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProbeOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProbeOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProbeOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProbeOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ProbeOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ProbeOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ProbeOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// Specification for the prober to use for probing targets. /// The prober.URL parameter is required. Targets cannot be probed if left empty. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs index 622d822f2..e9fc32196 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/prometheuses.rs @@ -736,7 +736,10 @@ pub struct PrometheusSpec { /// Prometheus Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, - /// Defines the service discovery role used to discover targets from `ServiceMonitor` objects. + /// Defines the service discovery role used to discover targets from + /// `ServiceMonitor` objects and Alertmanager endpoints. + /// + /// /// If set, the value should be either "Endpoints" or "EndpointSlice". /// If unset, the operator assumes the "Endpoints" role. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceDiscoveryRole")] @@ -1663,7 +1666,7 @@ pub struct PrometheusAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDurin /// Defines the settings related to Alertmanager. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAlerting { - /// AlertmanagerEndpoints Prometheus should fire alerts against. + /// Alertmanager endpoints where Prometheus should send alerts to. pub alertmanagers: Vec, } @@ -5689,9 +5692,41 @@ pub struct PrometheusRemoteReadOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -5767,6 +5802,203 @@ pub struct PrometheusRemoteReadOauth2ClientSecret { pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteReadOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteReadOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteReadOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteReadOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteReadOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteReadOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteReadOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteReadOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteReadOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusRemoteReadOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusRemoteReadOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusRemoteReadProxyConnectHeader { @@ -6353,9 +6585,41 @@ pub struct PrometheusRemoteWriteOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -6431,6 +6695,203 @@ pub struct PrometheusRemoteWriteOauth2ClientSecret { pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteWriteOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteWriteOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteWriteOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteWriteOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteWriteOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteWriteOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteWriteOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteWriteOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusRemoteWriteOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusRemoteWriteOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusRemoteWriteOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusRemoteWriteProxyConnectHeader { diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs index 3e661905b..2eee8ab03 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1/servicemonitors.rs @@ -515,9 +515,41 @@ pub struct ServiceMonitorEndpointsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -593,6 +625,203 @@ pub struct ServiceMonitorEndpointsOauth2ClientSecret { pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ServiceMonitorEndpointsOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ServiceMonitorEndpointsOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ServiceMonitorEndpointsOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ServiceMonitorEndpointsOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ServiceMonitorEndpointsOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ServiceMonitorEndpointsOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ServiceMonitorEndpointsOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ServiceMonitorEndpointsOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ServiceMonitorEndpointsOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ServiceMonitorEndpointsOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ServiceMonitorEndpointsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, /// scraped samples and remote write samples. /// diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs index 76e2a1876..296104506 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/alertmanagerconfigs.rs @@ -425,9 +425,41 @@ pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -503,6 +535,203 @@ pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2ClientSecret pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigTlsConfig { @@ -1141,9 +1370,41 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -1219,33 +1480,53 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2ClientSecret pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -1253,18 +1534,18 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1283,7 +1564,7 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaConfigM /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1302,18 +1583,18 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaSecret /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1332,7 +1613,7 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertConfi /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1351,7 +1632,7 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertSecre /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1368,9 +1649,10 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigKeySecret pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1381,9 +1663,10 @@ pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMaxVersion Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1394,30 +1677,205 @@ pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMinVersion Tls13, } -/// MSTeams webhook URL. +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsWebhookUrl { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// OpsGenieConfig configures notifications via OpsGenie. -/// See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigs { - /// Comma separated list of actions that will be available for the alert. + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// MSTeams webhook URL. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsWebhookUrl { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// OpsGenieConfig configures notifications via OpsGenie. +/// See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigs { + /// Comma separated list of actions that will be available for the alert. #[serde(default, skip_serializing_if = "Option::is_none")] pub actions: Option, /// The secret's key that contains the OpsGenie API key. @@ -1656,9 +2114,41 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -1734,33 +2224,53 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2ClientSecre pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -1768,18 +2278,18 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1798,7 +2308,7 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaConfig /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1817,18 +2327,18 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaSecret /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1847,7 +2357,7 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertConf /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1866,7 +2376,7 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertSecr /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1883,9 +2393,10 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigKeySecre pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1896,9 +2407,10 @@ pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMaxVersion Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1909,19 +2421,194 @@ pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMinVersion Tls13, } -/// OpsGenieConfigResponder defines a responder to an incident. -/// One of `id`, `name` or `username` has to be defined. +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsResponders { - /// ID of the responder. +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub id: Option, - /// Name of the responder. + pub ca: Option, + /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Type of responder. - #[serde(rename = "type")] - pub r#type: String, + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// OpsGenieConfigResponder defines a responder to an incident. +/// One of `id`, `name` or `username` has to be defined. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsResponders { + /// ID of the responder. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + /// Name of the responder. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Type of responder. + #[serde(rename = "type")] + pub r#type: String, /// Username of the responder. #[serde(default, skip_serializing_if = "Option::is_none")] pub username: Option, @@ -2156,9 +2843,41 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -2234,33 +2953,53 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2ClientSecr pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -2268,18 +3007,18 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2298,7 +3037,7 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaConfi /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2317,18 +3056,18 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaSecre /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2347,7 +3086,7 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertCon /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2366,7 +3105,7 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertSec /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2383,9 +3122,10 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigKeySecr pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2396,9 +3136,10 @@ pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMaxVersio Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2409,31 +3150,206 @@ pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMinVersio Tls13, } -/// PagerDutyImageConfig attaches images to an incident -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsPagerDutyImageConfigs { - /// Alt is the optional alternative text for the image. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub alt: Option, - /// Optional URL; makes the image a clickable link. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub href: Option, - /// Src of the image being attached to the incident - #[serde(default, skip_serializing_if = "Option::is_none")] - pub src: Option, -} - -/// PagerDutyLinkConfig attaches text links to an incident +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsPagerDutyLinkConfigs { - /// Text that describes the purpose of the link, and can be used as the link's text. +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub alt: Option, - /// Href is the URL of the link to be attached + pub ca: Option, + /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub href: Option, -} - + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// PagerDutyImageConfig attaches images to an incident +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsPagerDutyImageConfigs { + /// Alt is the optional alternative text for the image. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub alt: Option, + /// Optional URL; makes the image a clickable link. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub href: Option, + /// Src of the image being attached to the incident + #[serde(default, skip_serializing_if = "Option::is_none")] + pub src: Option, +} + +/// PagerDutyLinkConfig attaches text links to an incident +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsPagerDutyLinkConfigs { + /// Text that describes the purpose of the link, and can be used as the link's text. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub alt: Option, + /// Href is the URL of the link to be attached + #[serde(default, skip_serializing_if = "Option::is_none")] + pub href: Option, +} + /// The secret's key that contains the PagerDuty integration key (when using /// Events API v2). Either this field or `serviceKey` needs to be defined. /// The secret needs to be in the same namespace as the AlertmanagerConfig @@ -2707,9 +3623,41 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -2785,33 +3733,53 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2ClientSecre pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -2819,18 +3787,18 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2849,7 +3817,7 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaConfig /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2868,18 +3836,18 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaSecret /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2898,7 +3866,7 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertConf /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2917,7 +3885,7 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertSecr /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2934,9 +3902,10 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigKeySecre pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2947,9 +3916,10 @@ pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMaxVersion Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2960,21 +3930,196 @@ pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMinVersion Tls13, } -/// The secret's key that contains the registered application's API token, see https://pushover.net/apps. -/// The secret needs to be in the same namespace as the AlertmanagerConfig -/// object and accessible by the Prometheus Operator. -/// Either `token` or `tokenFile` is required. +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsToken { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// The secret's key that contains the registered application's API token, see https://pushover.net/apps. +/// The secret needs to be in the same namespace as the AlertmanagerConfig +/// object and accessible by the Prometheus Operator. +/// Either `token` or `tokenFile` is required. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsToken { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, /// Specify whether the Secret or its key must be defined @@ -3296,9 +4441,41 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -3374,33 +4551,53 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2ClientSecret { pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -3408,18 +4605,18 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3438,7 +4635,7 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaConfigMap /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3457,18 +4654,18 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3487,7 +4684,7 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertConfigM /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3506,7 +4703,7 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertSecret /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3523,9 +4720,10 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3536,9 +4734,10 @@ pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMaxVersion { Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3549,23 +4748,198 @@ pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMinVersion { Tls13, } -/// SNSConfig configures notifications via AWS SNS. -/// See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigs { - /// The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. - /// If not specified, the SNS API URL from the SNS SDK will be used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiURL")] - pub api_url: Option, - /// SNS message attributes. +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub attributes: Option>, - /// HTTP client configuration. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] - pub http_config: Option, - /// The message content of the SNS notification. + pub ca: Option, + /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub message: Option, + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// SNSConfig configures notifications via AWS SNS. +/// See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigs { + /// The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. + /// If not specified, the SNS API URL from the SNS SDK will be used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiURL")] + pub api_url: Option, + /// SNS message attributes. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub attributes: Option>, + /// HTTP client configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] + pub http_config: Option, + /// The message content of the SNS notification. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, /// Phone number if message is delivered via SMS in E.164 format. /// If you don't specify this value, you must specify a value for the TopicARN or TargetARN. #[serde(default, skip_serializing_if = "Option::is_none", rename = "phoneNumber")] @@ -3748,9 +5122,41 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -3826,33 +5232,53 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2ClientSecret { pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -3860,18 +5286,18 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3890,7 +5316,7 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3909,18 +5335,18 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3939,7 +5365,7 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertConfigMap /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3958,7 +5384,7 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3975,9 +5401,10 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3988,9 +5415,10 @@ pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMaxVersion { Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -4001,27 +5429,202 @@ pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMinVersion { Tls13, } -/// Configures AWS's Signature Verification 4 signing process to sign requests. +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsSigv4 { - /// AccessKey is the AWS API key. If not specified, the environment variable - /// `AWS_ACCESS_KEY_ID` is used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKey")] - pub access_key: Option, - /// Profile is the named AWS profile used to authenticate. +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub profile: Option, - /// Region is the AWS region. If blank, the region from the default credentials chain used. + pub ca: Option, + /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub region: Option, - /// RoleArn is the named AWS profile used to authenticate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleArn")] - pub role_arn: Option, - /// SecretKey is the AWS API secret. If not specified, the environment - /// variable `AWS_SECRET_ACCESS_KEY` is used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKey")] - pub secret_key: Option, -} + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// Configures AWS's Signature Verification 4 signing process to sign requests. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsSigv4 { + /// AccessKey is the AWS API key. If not specified, the environment variable + /// `AWS_ACCESS_KEY_ID` is used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKey")] + pub access_key: Option, + /// Profile is the named AWS profile used to authenticate. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub profile: Option, + /// Region is the AWS region. If blank, the region from the default credentials chain used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub region: Option, + /// RoleArn is the named AWS profile used to authenticate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleArn")] + pub role_arn: Option, + /// SecretKey is the AWS API secret. If not specified, the environment + /// variable `AWS_SECRET_ACCESS_KEY` is used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKey")] + pub secret_key: Option, +} /// AccessKey is the AWS API key. If not specified, the environment variable /// `AWS_ACCESS_KEY_ID` is used. @@ -4289,9 +5892,41 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -4367,33 +6002,53 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2ClientSecre pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -4401,18 +6056,18 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4431,7 +6086,7 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaConfig /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4450,18 +6105,18 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaSecret /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4480,7 +6135,7 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertConf /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4499,7 +6154,7 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertSecr /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4516,9 +6171,10 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigKeySecre pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -4529,9 +6185,10 @@ pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMaxVersion Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -4542,25 +6199,200 @@ pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMinVersion Tls13, } -/// TelegramConfig configures notifications via Telegram. -/// See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversTelegramConfigsParseMode { - MarkdownV2, - Markdown, - #[serde(rename = "HTML")] - Html, -} - -/// VictorOpsConfig configures notifications via VictorOps. -/// See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigs { - /// The secret's key that contains the API key to use when talking to the VictorOps API. - /// The secret needs to be in the same namespace as the AlertmanagerConfig - /// object and accessible by the Prometheus Operator. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKey")] - pub api_key: Option, +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TelegramConfig configures notifications via Telegram. +/// See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversTelegramConfigsParseMode { + MarkdownV2, + Markdown, + #[serde(rename = "HTML")] + Html, +} + +/// VictorOpsConfig configures notifications via VictorOps. +/// See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigs { + /// The secret's key that contains the API key to use when talking to the VictorOps API. + /// The secret needs to be in the same namespace as the AlertmanagerConfig + /// object and accessible by the Prometheus Operator. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKey")] + pub api_key: Option, /// The VictorOps API URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiUrl")] pub api_url: Option, @@ -4779,9 +6611,41 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -4857,33 +6721,53 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2ClientSecr pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -4891,18 +6775,18 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4921,7 +6805,7 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaConfi /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4940,18 +6824,18 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaSecre /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4970,7 +6854,7 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertCon /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4989,7 +6873,7 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertSec /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5006,9 +6890,10 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigKeySecr pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -5019,9 +6904,10 @@ pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMaxVersio Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -5032,19 +6918,194 @@ pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMinVersio Tls13, } -/// WebexConfig configures notification via Cisco Webex -/// See https://prometheus.io/docs/alerting/latest/configuration/#webex_config +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigs { - /// The Webex Teams API URL i.e. https://webexapis.com/v1/messages - /// Provide if different from the default API URL. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiURL")] - pub api_url: Option, - /// The HTTP client's configuration. - /// You must supply the bot token via the `httpConfig.authorization` field. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] - pub http_config: Option, - /// Message template +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// WebexConfig configures notification via Cisco Webex +/// See https://prometheus.io/docs/alerting/latest/configuration/#webex_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigs { + /// The Webex Teams API URL i.e. https://webexapis.com/v1/messages + /// Provide if different from the default API URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiURL")] + pub api_url: Option, + /// The HTTP client's configuration. + /// You must supply the bot token via the `httpConfig.authorization` field. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] + pub http_config: Option, + /// Message template #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, /// ID of the Webex Teams room where to send the messages. @@ -5215,9 +7276,41 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -5293,33 +7386,53 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2ClientSecret { pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -5327,18 +7440,18 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -5357,7 +7470,7 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaConfigMap /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5376,18 +7489,18 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -5406,7 +7519,7 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertConfigM /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5425,7 +7538,7 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertSecret /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5442,9 +7555,10 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -5455,9 +7569,10 @@ pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMaxVersion { Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -5468,28 +7583,203 @@ pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMinVersion { Tls13, } -/// WebhookConfig configures notifications via a generic receiver supporting the webhook payload. -/// See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigs { - /// HTTP client configuration. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] - pub http_config: Option, - /// Maximum number of alerts to be sent per webhook message. When 0, all alerts are included. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxAlerts")] - pub max_alerts: Option, - /// Whether or not to notify about resolved alerts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sendResolved")] - pub send_resolved: Option, - /// The URL to send HTTP POST requests to. `urlSecret` takes precedence over - /// `url`. One of `urlSecret` and `url` should be defined. +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub url: Option, - /// The secret's key that contains the webhook URL to send HTTP requests to. - /// `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` - /// should be defined. - /// The secret needs to be in the same namespace as the AlertmanagerConfig - /// object and accessible by the Prometheus Operator. + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// WebhookConfig configures notifications via a generic receiver supporting the webhook payload. +/// See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigs { + /// HTTP client configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] + pub http_config: Option, + /// Maximum number of alerts to be sent per webhook message. When 0, all alerts are included. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxAlerts")] + pub max_alerts: Option, + /// Whether or not to notify about resolved alerts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sendResolved")] + pub send_resolved: Option, + /// The URL to send HTTP POST requests to. `urlSecret` takes precedence over + /// `url`. One of `urlSecret` and `url` should be defined. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + /// The secret's key that contains the webhook URL to send HTTP requests to. + /// `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` + /// should be defined. + /// The secret needs to be in the same namespace as the AlertmanagerConfig + /// object and accessible by the Prometheus Operator. #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlSecret")] pub url_secret: Option, } @@ -5593,14 +7883,243 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBasicAuthPassword pub name: Option, /// Specify whether the Secret or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, + pub optional: Option, +} + +/// `username` specifies a key of a Secret containing the username for +/// authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBasicAuthUsername { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// The secret's key that contains the bearer token to be used by the client +/// for authentication. +/// The secret needs to be in the same namespace as the AlertmanagerConfig +/// object and accessible by the Prometheus Operator. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBearerTokenSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// OAuth2 client credentials used to fetch a token for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2 { + /// `clientId` specifies a key of a Secret or ConfigMap containing the + /// OAuth2 client's ID. + #[serde(rename = "clientId")] + pub client_id: AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientId, + /// `clientSecret` specifies a key of a Secret containing the OAuth2 + /// client's secret. + #[serde(rename = "clientSecret")] + pub client_secret: AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientSecret, + /// `endpointParams` configures the HTTP parameters to append to the token + /// URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] + pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// `scopes` defines the OAuth2 scopes used for the token request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, + /// `tokenURL` configures the URL to fetch the token from. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// `clientId` specifies a key of a Secret or ConfigMap containing the +/// OAuth2 client's ID. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientId { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `clientSecret` specifies a key of a Secret containing the OAuth2 +/// client's secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, } -/// `username` specifies a key of a Secret containing the username for -/// authentication. +/// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBasicAuthUsername { - /// The key of the secret to select from. Must be a valid secret key. +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCaConfigMap { + /// The key to select. pub key: String, /// Name of the referent. /// This field is effectively required, but due to backwards compatibility is @@ -5611,17 +8130,14 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBasicAuthUsername /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the Secret or its key must be defined + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// The secret's key that contains the bearer token to be used by the client -/// for authentication. -/// The secret needs to be in the same namespace as the AlertmanagerConfig -/// object and accessible by the Prometheus Operator. +/// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBearerTokenSecret { +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5638,44 +8154,20 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBearerTokenSecret pub optional: Option, } -/// OAuth2 client credentials used to fetch a token for the targets. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2 { - /// `clientId` specifies a key of a Secret or ConfigMap containing the - /// OAuth2 client's ID. - #[serde(rename = "clientId")] - pub client_id: AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientId, - /// `clientSecret` specifies a key of a Secret containing the OAuth2 - /// client's secret. - #[serde(rename = "clientSecret")] - pub client_secret: AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientSecret, - /// `endpointParams` configures the HTTP parameters to append to the token - /// URL. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] - pub endpoint_params: Option>, - /// `scopes` defines the OAuth2 scopes used for the token request. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scopes: Option>, - /// `tokenURL` configures the URL to fetch the token from. - #[serde(rename = "tokenUrl")] - pub token_url: String, -} - -/// `clientId` specifies a key of a Secret or ConfigMap containing the -/// OAuth2 client's ID. +/// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientId { +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdConfigMap { +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -5694,7 +8186,7 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdConf /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdSecret { +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5711,10 +8203,9 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdSecr pub optional: Option, } -/// `clientSecret` specifies a key of a Secret containing the OAuth2 -/// client's secret. +/// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientSecret { +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5731,6 +8222,34 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientSecret pub optional: Option, } +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigTlsConfig { @@ -6145,9 +8664,41 @@ pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -6223,6 +8774,203 @@ pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2ClientSecret pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigTlsConfig { diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs index 7d7e62c0a..038912df0 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/prometheusagents.rs @@ -620,7 +620,10 @@ pub struct PrometheusAgentSpec { /// Prometheus Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceAccountName")] pub service_account_name: Option, - /// Defines the service discovery role used to discover targets from `ServiceMonitor` objects. + /// Defines the service discovery role used to discover targets from + /// `ServiceMonitor` objects and Alertmanager endpoints. + /// + /// /// If set, the value should be either "Endpoints" or "EndpointSlice". /// If unset, the operator assumes the "Endpoints" role. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceDiscoveryRole")] @@ -4971,9 +4974,41 @@ pub struct PrometheusAgentRemoteWriteOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -5049,6 +5084,203 @@ pub struct PrometheusAgentRemoteWriteOauth2ClientSecret { pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentRemoteWriteOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentRemoteWriteOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentRemoteWriteOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentRemoteWriteOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentRemoteWriteOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentRemoteWriteOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentRemoteWriteOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentRemoteWriteOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PrometheusAgentRemoteWriteOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusAgentRemoteWriteOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PrometheusAgentRemoteWriteOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PrometheusAgentRemoteWriteProxyConnectHeader { diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs index 3fcab5924..a1c10ba58 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1alpha1/scrapeconfigs.rs @@ -131,6 +131,9 @@ pub struct ScrapeConfigSpec { /// It requires Prometheus >= v2.43.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] pub no_proxy: Option, + /// OAuth2 client credentials used to fetch a token for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub oauth2: Option, /// OpenStackSDConfigs defines a list of OpenStack service discovery configurations. #[serde(default, skip_serializing_if = "Option::is_none", rename = "openstackSDConfigs")] pub openstack_sd_configs: Option>, @@ -389,9 +392,41 @@ pub struct ScrapeConfigNomadSdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -467,6 +502,203 @@ pub struct ScrapeConfigNomadSdConfigsOauth2ClientSecret { pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigNomadSdConfigsOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigNomadSdConfigsOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigNomadSdConfigsOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigNomadSdConfigsOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigNomadSdConfigsOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigNomadSdConfigsOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigNomadSdConfigsOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigNomadSdConfigsOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigNomadSdConfigsOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigNomadSdConfigsOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigNomadSdConfigsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScrapeConfigNomadSdConfigsProxyConnectHeader { @@ -1015,9 +1247,41 @@ pub struct ScrapeConfigConsulSdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -1095,7 +1359,7 @@ pub struct ScrapeConfigConsulSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsProxyConnectHeader { +pub struct ScrapeConfigConsulSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1112,43 +1376,34 @@ pub struct ScrapeConfigConsulSdConfigsProxyConnectHeader { pub optional: Option, } -/// ConsulSDConfig defines a Consul service discovery configuration -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#consul_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigConsulSdConfigsScheme { - #[serde(rename = "HTTP")] - Http, - #[serde(rename = "HTTPS")] - Https, -} - -/// TLS Config +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfig { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -1156,18 +1411,18 @@ pub struct ScrapeConfigConsulSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfigCa { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1186,7 +1441,7 @@ pub struct ScrapeConfigConsulSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1205,13 +1460,219 @@ pub struct ScrapeConfigConsulSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigConsulSdConfigsTlsConfigCert { +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigConsulSdConfigsOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigConsulSdConfigsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// ConsulSDConfig defines a Consul service discovery configuration +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#consul_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigConsulSdConfigsScheme { + #[serde(rename = "HTTP")] + Http, + #[serde(rename = "HTTPS")] + Https, +} + +/// TLS Config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigConsulSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, } /// ConfigMap containing data to use for the targets. @@ -1427,9 +1888,41 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -1507,7 +2000,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsProxyConnectHeader { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1524,33 +2017,34 @@ pub struct ScrapeConfigDigitalOceanSdConfigsProxyConnectHeader { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfig { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -1558,18 +2052,18 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCa { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1588,7 +2082,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1607,18 +2101,18 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCert { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1637,7 +2131,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1656,7 +2150,7 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1673,9 +2167,10 @@ pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1686,9 +2181,10 @@ pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMinVersion { +pub enum ScrapeConfigDigitalOceanSdConfigsOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1699,17 +2195,211 @@ pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMinVersion { Tls13, } -/// DNSSDConfig allows specifying a set of DNS domain names which are periodically queried to discover a list of targets. -/// The DNS servers to be contacted are read from /etc/resolv.conf. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dns_sd_config +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDnsSdConfigs { - /// A list of DNS domain names to be queried. - pub names: Vec, +pub struct ScrapeConfigDigitalOceanSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDigitalOceanSdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDigitalOceanSdConfigsTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// DNSSDConfig allows specifying a set of DNS domain names which are periodically queried to discover a list of targets. +/// The DNS servers to be contacted are read from /etc/resolv.conf. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dns_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDnsSdConfigs { + /// A list of DNS domain names to be queried. + pub names: Vec, /// The port number used if the query type is not SRV /// Ignored for SRV records #[serde(default, skip_serializing_if = "Option::is_none")] - pub port: Option, + pub port: Option, /// RefreshInterval configures the time after which the provided names are refreshed. /// If not set, Prometheus uses its default value. #[serde(default, skip_serializing_if = "Option::is_none", rename = "refreshInterval")] @@ -1718,7 +2408,8 @@ pub struct ScrapeConfigDnsSdConfigs { /// If not set, Prometheus uses its default value. /// /// - /// When set to NS, It requires Prometheus >= 2.49.0. + /// When set to NS, it requires Prometheus >= v2.49.0. + /// When set to MX, it requires Prometheus >= v2.38.0 #[serde(default, skip_serializing_if = "Option::is_none", rename = "type")] pub r#type: Option, } @@ -1728,8 +2419,6 @@ pub struct ScrapeConfigDnsSdConfigs { /// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dns_sd_config #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ScrapeConfigDnsSdConfigsType { - #[serde(rename = "SRV")] - Srv, A, #[serde(rename = "AAAA")] Aaaa, @@ -1737,6 +2426,8 @@ pub enum ScrapeConfigDnsSdConfigsType { Mx, #[serde(rename = "NS")] Ns, + #[serde(rename = "SRV")] + Srv, } /// Docker SD configurations allow retrieving scrape targets from Docker Engine hosts. @@ -1924,9 +2615,41 @@ pub struct ScrapeConfigDockerSdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -2004,7 +2727,7 @@ pub struct ScrapeConfigDockerSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsProxyConnectHeader { +pub struct ScrapeConfigDockerSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2021,33 +2744,34 @@ pub struct ScrapeConfigDockerSdConfigsProxyConnectHeader { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfig { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -2055,18 +2779,18 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCa { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2085,7 +2809,7 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2104,18 +2828,18 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCert { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2134,7 +2858,7 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2153,7 +2877,7 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigDockerSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2170,9 +2894,10 @@ pub struct ScrapeConfigDockerSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigDockerSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2183,7 +2908,202 @@ pub enum ScrapeConfigDockerSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDockerSdConfigsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDockerSdConfigsTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ScrapeConfigDockerSdConfigsTlsConfigMinVersion { #[serde(rename = "TLS10")] @@ -2382,9 +3302,41 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -2462,7 +3414,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsProxyConnectHeader { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2479,42 +3431,34 @@ pub struct ScrapeConfigDockerSwarmSdConfigsProxyConnectHeader { pub optional: Option, } -/// DockerSwarmSDConfig configurations allow retrieving scrape targets from Docker Swarm engine. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dockerswarm_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSwarmSdConfigsRole { - Services, - Tasks, - Nodes, -} - -/// TLS configuration to use on every scrape request +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfig { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -2522,18 +3466,18 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCa { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2552,7 +3496,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2571,18 +3515,18 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCert { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2601,7 +3545,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2620,7 +3564,7 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2637,9 +3581,10 @@ pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration to use on every scrape request +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2650,9 +3595,10 @@ pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration to use on every scrape request +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMinVersion { +pub enum ScrapeConfigDockerSwarmSdConfigsOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2663,8 +3609,211 @@ pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMinVersion { Tls13, } -/// EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. -/// The private IP address is used by default, but may be changed to the public IP address with relabeling. +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// DockerSwarmSDConfig configurations allow retrieving scrape targets from Docker Swarm engine. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#dockerswarm_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDockerSwarmSdConfigsRole { + Services, + Tasks, + Nodes, +} + +/// TLS configuration to use on every scrape request +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigDockerSwarmSdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use on every scrape request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use on every scrape request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigDockerSwarmSdConfigsTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// EC2SDConfig allow retrieving scrape targets from AWS EC2 instances. +/// The private IP address is used by default, but may be changed to the public IP address with relabeling. /// The IAM credentials used must have the ec2:DescribeInstances permission to discover scrape targets /// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#ec2_sd_config #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2907,9 +4056,41 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -2987,7 +4168,7 @@ pub struct ScrapeConfigEurekaSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsProxyConnectHeader { +pub struct ScrapeConfigEurekaSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3004,33 +4185,34 @@ pub struct ScrapeConfigEurekaSdConfigsProxyConnectHeader { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfig { +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -3038,18 +4220,18 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCa { +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3068,7 +4250,7 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3087,18 +4269,18 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCert { +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3117,7 +4299,7 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3136,7 +4318,7 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigEurekaSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigEurekaSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3153,9 +4335,10 @@ pub struct ScrapeConfigEurekaSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigEurekaSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigEurekaSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3166,7 +4349,202 @@ pub enum ScrapeConfigEurekaSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigEurekaSdConfigsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigEurekaSdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigEurekaSdConfigsTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration applying to the target HTTP endpoint. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ScrapeConfigEurekaSdConfigsTlsConfigMinVersion { #[serde(rename = "TLS10")] @@ -3402,9 +4780,41 @@ pub struct ScrapeConfigHetznerSdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -3482,7 +4892,7 @@ pub struct ScrapeConfigHetznerSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsProxyConnectHeader { +pub struct ScrapeConfigHetznerSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3499,48 +4909,34 @@ pub struct ScrapeConfigHetznerSdConfigsProxyConnectHeader { pub optional: Option, } -/// HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API. -/// This service discovery uses the public IPv4 address by default, but that can be changed with relabeling -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigHetznerSdConfigsRole { - #[serde(rename = "hcloud")] - Hcloud, - #[serde(rename = "Hcloud")] - HcloudX, - #[serde(rename = "robot")] - Robot, - #[serde(rename = "Robot")] - RobotX, -} - -/// TLS configuration to use on every scrape request. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfig { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -3548,18 +4944,18 @@ pub struct ScrapeConfigHetznerSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCa { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3578,7 +4974,7 @@ pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3597,18 +4993,18 @@ pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCert { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3627,7 +5023,7 @@ pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3646,7 +5042,218 @@ pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigHetznerSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigHetznerSdConfigsOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigHetznerSdConfigsOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigHetznerSdConfigsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// HetznerSDConfig allow retrieving scrape targets from Hetzner Cloud API and Robot API. +/// This service discovery uses the public IPv4 address by default, but that can be changed with relabeling +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#hetzner_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigHetznerSdConfigsRole { + #[serde(rename = "hcloud")] + Hcloud, + #[serde(rename = "Hcloud")] + HcloudX, + #[serde(rename = "robot")] + Robot, + #[serde(rename = "Robot")] + RobotX, +} + +/// TLS configuration to use on every scrape request. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigHetznerSdConfigsTlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4035,8 +5642,8 @@ pub struct ScrapeConfigKubernetesSdConfigs { #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiServer")] pub api_server: Option, /// Optional metadata to attach to discovered targets. - /// It requires Prometheus >= v2.35.0 for `pod` role and - /// Prometheus >= v2.37.0 for `endpoints` and `endpointslice` roles. + /// It requires Prometheus >= v2.35.0 when using the `Pod` role and + /// Prometheus >= v2.37.0 for `Endpoints` and `Endpointslice` roles. #[serde(default, skip_serializing_if = "Option::is_none", rename = "attachMetadata")] pub attach_metadata: Option, /// Authorization header to use on every scrape request. @@ -4089,18 +5696,20 @@ pub struct ScrapeConfigKubernetesSdConfigs { #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] pub proxy_url: Option, /// Role of the Kubernetes entities that should be discovered. + /// Role `Endpointslice` requires Prometheus >= v2.21.0 pub role: ScrapeConfigKubernetesSdConfigsRole, /// Selector to select objects. + /// It requires Prometheus >= v2.17.0 #[serde(default, skip_serializing_if = "Option::is_none")] pub selectors: Option>, - /// TLS configuration to use on every scrape request. + /// TLS configuration to connect to the Kubernetes API. #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] pub tls_config: Option, } /// Optional metadata to attach to discovered targets. -/// It requires Prometheus >= v2.35.0 for `pod` role and -/// Prometheus >= v2.37.0 for `endpoints` and `endpointslice` roles. +/// It requires Prometheus >= v2.35.0 when using the `Pod` role and +/// Prometheus >= v2.37.0 for `Endpoints` and `Endpointslice` roles. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScrapeConfigKubernetesSdConfigsAttachMetadata { /// Attaches node metadata to discovered targets. @@ -4209,7 +5818,7 @@ pub struct ScrapeConfigKubernetesSdConfigsNamespaces { /// If empty and `ownNamespace` isn't true, Prometheus watches for resources in all namespaces. #[serde(default, skip_serializing_if = "Option::is_none")] pub names: Option>, - /// Includes the namespace in which the Prometheus pod exists to the list of watched namesapces. + /// Includes the namespace in which the Prometheus pod runs to the list of watched namespaces. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ownNamespace")] pub own_namespace: Option, } @@ -4230,9 +5839,41 @@ pub struct ScrapeConfigKubernetesSdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -4310,7 +5951,7 @@ pub struct ScrapeConfigKubernetesSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsProxyConnectHeader { +pub struct ScrapeConfigKubernetesSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4327,65 +5968,243 @@ pub struct ScrapeConfigKubernetesSdConfigsProxyConnectHeader { pub optional: Option, } -/// KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigKubernetesSdConfigsRole { - Node, - #[serde(rename = "node")] - NodeX, - Service, - #[serde(rename = "service")] - ServiceX, - Pod, - #[serde(rename = "pod")] - PodX, - Endpoints, - #[serde(rename = "endpoints")] - EndpointsX, - EndpointSlice, - #[serde(rename = "endpointslice")] - Endpointslice, - Ingress, - #[serde(rename = "ingress")] - IngressX, -} - -/// K8SSelectorConfig is Kubernetes Selector Config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct ScrapeConfigKubernetesSdConfigsSelectors { +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub field: Option, + pub ca: Option, + /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub label: Option, - /// Role is role of the service in Kubernetes. + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigKubernetesSdConfigsOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigKubernetesSdConfigsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// KubernetesSDConfig allows retrieving scrape targets from Kubernetes' REST API. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#kubernetes_sd_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigKubernetesSdConfigsRole { + Pod, + Endpoints, + Ingress, + Service, + Node, + EndpointSlice, +} + +/// K8SSelectorConfig is Kubernetes Selector Config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct ScrapeConfigKubernetesSdConfigsSelectors { + /// An optional field selector to limit the service discovery to resources which have fields with specific values. + /// e.g: `metadata.name=foobar` + #[serde(default, skip_serializing_if = "Option::is_none")] + pub field: Option, + /// An optional label selector to limit the service discovery to resources with specific labels and label values. + /// e.g: `node.kubernetes.io/instance-type=master` + #[serde(default, skip_serializing_if = "Option::is_none")] + pub label: Option, + /// Role specifies the type of Kubernetes resource to limit the service discovery to. + /// Accepted values are: Node, Pod, Endpoints, EndpointSlice, Service, Ingress. pub role: ScrapeConfigKubernetesSdConfigsSelectorsRole, } /// K8SSelectorConfig is Kubernetes Selector Config #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ScrapeConfigKubernetesSdConfigsSelectorsRole { - Node, - #[serde(rename = "node")] - NodeX, - Service, - #[serde(rename = "service")] - ServiceX, Pod, - #[serde(rename = "pod")] - PodX, Endpoints, - #[serde(rename = "endpoints")] - EndpointsX, - EndpointSlice, - #[serde(rename = "endpointslice")] - Endpointslice, Ingress, - #[serde(rename = "ingress")] - IngressX, + Service, + Node, + EndpointSlice, } -/// TLS configuration to use on every scrape request. +/// TLS configuration to connect to the Kubernetes API. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScrapeConfigKubernetesSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. @@ -4534,7 +6353,7 @@ pub struct ScrapeConfigKubernetesSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration to use on every scrape request. +/// TLS configuration to connect to the Kubernetes API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ScrapeConfigKubernetesSdConfigsTlsConfigMaxVersion { #[serde(rename = "TLS10")] @@ -4547,7 +6366,7 @@ pub enum ScrapeConfigKubernetesSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration to use on every scrape request. +/// TLS configuration to connect to the Kubernetes API. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] pub enum ScrapeConfigKubernetesSdConfigsTlsConfigMinVersion { #[serde(rename = "TLS10")] @@ -4729,9 +6548,41 @@ pub struct ScrapeConfigKumaSdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -4809,7 +6660,7 @@ pub struct ScrapeConfigKumaSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigKumaSdConfigsProxyConnectHeader { +pub struct ScrapeConfigKumaSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4826,33 +6677,34 @@ pub struct ScrapeConfigKumaSdConfigsProxyConnectHeader { pub optional: Option, } -/// TLS configuration to use on every scrape request +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigKumaSdConfigsTlsConfig { +pub struct ScrapeConfigKumaSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -4860,18 +6712,18 @@ pub struct ScrapeConfigKumaSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigKumaSdConfigsTlsConfigCa { +pub struct ScrapeConfigKumaSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigKumaSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigKumaSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4890,7 +6742,7 @@ pub struct ScrapeConfigKumaSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigKumaSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigKumaSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4909,18 +6761,18 @@ pub struct ScrapeConfigKumaSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigKumaSdConfigsTlsConfigCert { +pub struct ScrapeConfigKumaSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigKumaSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigKumaSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4939,7 +6791,7 @@ pub struct ScrapeConfigKumaSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigKumaSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigKumaSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4958,7 +6810,7 @@ pub struct ScrapeConfigKumaSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigKumaSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigKumaSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4975,9 +6827,10 @@ pub struct ScrapeConfigKumaSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration to use on every scrape request +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigKumaSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigKumaSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -4988,9 +6841,10 @@ pub enum ScrapeConfigKumaSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration to use on every scrape request +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigKumaSdConfigsTlsConfigMinVersion { +pub enum ScrapeConfigKumaSdConfigsOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -5001,15 +6855,209 @@ pub enum ScrapeConfigKumaSdConfigsTlsConfigMinVersion { Tls13, } -/// LightSailSDConfig configurations allow retrieving scrape targets from AWS Lightsail instances. -/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#lightsail_sd_config -/// TODO: Need to document that we will not be supporting the `_file` fields. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLightSailSdConfigs { - /// AccessKey is the AWS API key. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKey")] - pub access_key: Option, - /// Optional `authorization` HTTP header configuration. +pub struct ScrapeConfigKumaSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use on every scrape request +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKumaSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKumaSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKumaSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKumaSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKumaSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKumaSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKumaSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigKumaSdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use on every scrape request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigKumaSdConfigsTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use on every scrape request +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigKumaSdConfigsTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// LightSailSDConfig configurations allow retrieving scrape targets from AWS Lightsail instances. +/// See https://prometheus.io/docs/prometheus/latest/configuration/configuration/#lightsail_sd_config +/// TODO: Need to document that we will not be supporting the `_file` fields. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLightSailSdConfigs { + /// AccessKey is the AWS API key. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKey")] + pub access_key: Option, + /// Optional `authorization` HTTP header configuration. /// Cannot be set at the same time as `basicAuth`, or `oauth2`. #[serde(default, skip_serializing_if = "Option::is_none")] pub authorization: Option, @@ -5205,9 +7253,41 @@ pub struct ScrapeConfigLightSailSdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -5285,26 +7365,7 @@ pub struct ScrapeConfigLightSailSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLightSailSdConfigsProxyConnectHeader { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined - #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// SecretKey is the AWS API secret. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLightSailSdConfigsSecretKey { +pub struct ScrapeConfigLightSailSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5321,27 +7382,243 @@ pub struct ScrapeConfigLightSailSdConfigsSecretKey { pub optional: Option, } -/// TLS configuration to connect to the Puppet DB. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLightSailSdConfigsTlsConfig { +pub struct ScrapeConfigLightSailSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLightSailSdConfigsOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLightSailSdConfigsOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLightSailSdConfigsOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLightSailSdConfigsOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLightSailSdConfigsOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLightSailSdConfigsOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLightSailSdConfigsOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigLightSailSdConfigsOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigLightSailSdConfigsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLightSailSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// SecretKey is the AWS API secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLightSailSdConfigsSecretKey { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to connect to the Puppet DB. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLightSailSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, /// Minimum acceptable TLS version. /// /// @@ -5610,9 +7887,41 @@ pub struct ScrapeConfigLinodeSdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -5690,7 +7999,7 @@ pub struct ScrapeConfigLinodeSdConfigsOauth2ClientSecret { /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLinodeSdConfigsProxyConnectHeader { +pub struct ScrapeConfigLinodeSdConfigsOauth2ProxyConnectHeader { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5707,33 +8016,34 @@ pub struct ScrapeConfigLinodeSdConfigsProxyConnectHeader { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLinodeSdConfigsTlsConfig { +pub struct ScrapeConfigLinodeSdConfigsOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -5741,18 +8051,18 @@ pub struct ScrapeConfigLinodeSdConfigsTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLinodeSdConfigsTlsConfigCa { +pub struct ScrapeConfigLinodeSdConfigsOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLinodeSdConfigsTlsConfigCaConfigMap { +pub struct ScrapeConfigLinodeSdConfigsOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -5771,7 +8081,7 @@ pub struct ScrapeConfigLinodeSdConfigsTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLinodeSdConfigsTlsConfigCaSecret { +pub struct ScrapeConfigLinodeSdConfigsOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5790,18 +8100,18 @@ pub struct ScrapeConfigLinodeSdConfigsTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLinodeSdConfigsTlsConfigCert { +pub struct ScrapeConfigLinodeSdConfigsOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLinodeSdConfigsTlsConfigCertConfigMap { +pub struct ScrapeConfigLinodeSdConfigsOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -5820,7 +8130,7 @@ pub struct ScrapeConfigLinodeSdConfigsTlsConfigCertConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLinodeSdConfigsTlsConfigCertSecret { +pub struct ScrapeConfigLinodeSdConfigsOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5839,7 +8149,7 @@ pub struct ScrapeConfigLinodeSdConfigsTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigLinodeSdConfigsTlsConfigKeySecret { +pub struct ScrapeConfigLinodeSdConfigsOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5856,9 +8166,10 @@ pub struct ScrapeConfigLinodeSdConfigsTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigLinodeSdConfigsTlsConfigMaxVersion { +pub enum ScrapeConfigLinodeSdConfigsOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -5869,9 +8180,10 @@ pub enum ScrapeConfigLinodeSdConfigsTlsConfigMaxVersion { Tls13, } -/// TLS configuration applying to the target HTTP endpoint. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigLinodeSdConfigsTlsConfigMinVersion { +pub enum ScrapeConfigLinodeSdConfigsOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -5882,13 +8194,207 @@ pub enum ScrapeConfigLinodeSdConfigsTlsConfigMinVersion { Tls13, } -/// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, -/// scraped samples and remote write samples. -/// -/// -/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct ScrapeConfigMetricRelabelings { +pub struct ScrapeConfigLinodeSdConfigsProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLinodeSdConfigsTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLinodeSdConfigsTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLinodeSdConfigsTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLinodeSdConfigsTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLinodeSdConfigsTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLinodeSdConfigsTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLinodeSdConfigsTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigLinodeSdConfigsTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigLinodeSdConfigsTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration applying to the target HTTP endpoint. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigLinodeSdConfigsTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, +/// scraped samples and remote write samples. +/// +/// +/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigMetricRelabelings { /// Action to perform based on the regex matching. /// /// @@ -5935,51 +8441,373 @@ pub struct ScrapeConfigMetricRelabelings { pub target_label: Option, } -/// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, -/// scraped samples and remote write samples. -/// -/// -/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +/// RelabelConfig allows dynamic rewriting of the label set for targets, alerts, +/// scraped samples and remote write samples. +/// +/// +/// More info: https://prometheus.io/docs/prometheus/latest/configuration/configuration/#relabel_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigMetricRelabelingsAction { + #[serde(rename = "replace")] + Replace, + #[serde(rename = "Replace")] + ReplaceX, + #[serde(rename = "keep")] + Keep, + #[serde(rename = "Keep")] + KeepX, + #[serde(rename = "drop")] + Drop, + #[serde(rename = "Drop")] + DropX, + #[serde(rename = "hashmod")] + Hashmod, + HashMod, + #[serde(rename = "labelmap")] + Labelmap, + LabelMap, + #[serde(rename = "labeldrop")] + Labeldrop, + LabelDrop, + #[serde(rename = "labelkeep")] + Labelkeep, + LabelKeep, + #[serde(rename = "lowercase")] + Lowercase, + #[serde(rename = "Lowercase")] + LowercaseX, + #[serde(rename = "uppercase")] + Uppercase, + #[serde(rename = "Uppercase")] + UppercaseX, + #[serde(rename = "keepequal")] + Keepequal, + KeepEqual, + #[serde(rename = "dropequal")] + Dropequal, + DropEqual, +} + +/// OAuth2 client credentials used to fetch a token for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2 { + /// `clientId` specifies a key of a Secret or ConfigMap containing the + /// OAuth2 client's ID. + #[serde(rename = "clientId")] + pub client_id: ScrapeConfigOauth2ClientId, + /// `clientSecret` specifies a key of a Secret containing the OAuth2 + /// client's secret. + #[serde(rename = "clientSecret")] + pub client_secret: ScrapeConfigOauth2ClientSecret, + /// `endpointParams` configures the HTTP parameters to append to the token + /// URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] + pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// `scopes` defines the OAuth2 scopes used for the token request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, + /// `tokenURL` configures the URL to fetch the token from. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// `clientId` specifies a key of a Secret or ConfigMap containing the +/// OAuth2 client's ID. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2ClientId { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2ClientIdConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2ClientIdSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `clientSecret` specifies a key of a Secret containing the OAuth2 +/// client's secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2ClientSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum ScrapeConfigMetricRelabelingsAction { - #[serde(rename = "replace")] - Replace, - #[serde(rename = "Replace")] - ReplaceX, - #[serde(rename = "keep")] - Keep, - #[serde(rename = "Keep")] - KeepX, - #[serde(rename = "drop")] - Drop, - #[serde(rename = "Drop")] - DropX, - #[serde(rename = "hashmod")] - Hashmod, - HashMod, - #[serde(rename = "labelmap")] - Labelmap, - LabelMap, - #[serde(rename = "labeldrop")] - Labeldrop, - LabelDrop, - #[serde(rename = "labelkeep")] - Labelkeep, - LabelKeep, - #[serde(rename = "lowercase")] - Lowercase, - #[serde(rename = "Lowercase")] - LowercaseX, - #[serde(rename = "uppercase")] - Uppercase, - #[serde(rename = "Uppercase")] - UppercaseX, - #[serde(rename = "keepequal")] - Keepequal, - KeepEqual, - #[serde(rename = "dropequal")] - Dropequal, - DropEqual, +pub enum ScrapeConfigOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, } /// OpenStackSDConfig allow retrieving scrape targets from OpenStack Nova instances. @@ -6555,9 +9383,41 @@ pub struct ScrapeConfigPuppetDbsdConfigsOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -6633,6 +9493,203 @@ pub struct ScrapeConfigPuppetDbsdConfigsOauth2ClientSecret { pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigPuppetDbsdConfigsOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigPuppetDbsdConfigsOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigPuppetDbsdConfigsOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigPuppetDbsdConfigsOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigPuppetDbsdConfigsOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigPuppetDbsdConfigsOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigPuppetDbsdConfigsOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigPuppetDbsdConfigsOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ScrapeConfigPuppetDbsdConfigsOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigPuppetDbsdConfigsOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ScrapeConfigPuppetDbsdConfigsOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ScrapeConfigPuppetDbsdConfigsProxyConnectHeader { diff --git a/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs b/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs index fef7edc83..d969795ac 100644 --- a/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs +++ b/kube-custom-resources-rs/src/monitoring_coreos_com/v1beta1/alertmanagerconfigs.rs @@ -353,9 +353,41 @@ pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -431,6 +463,203 @@ pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2ClientSecret pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversDiscordConfigsHttpConfigOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerConfigReceiversDiscordConfigsHttpConfigTlsConfig { @@ -1039,9 +1268,41 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -1117,33 +1378,53 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2ClientSecret pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -1151,18 +1432,18 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1181,7 +1462,7 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaConfigM /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1200,18 +1481,18 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaSecret /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1230,7 +1511,7 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertConfi /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1249,7 +1530,7 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertSecre /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1266,9 +1547,10 @@ pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigKeySecret pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1279,9 +1561,10 @@ pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMaxVersion Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1292,30 +1575,205 @@ pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMinVersion Tls13, } -/// MSTeams webhook URL. +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversMsteamsConfigsWebhookUrl { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// Name of the referent. - /// This field is effectively required, but due to backwards compatibility is - /// allowed to be empty. Instances of this type with an empty value here are - /// almost certainly wrong. - /// TODO: Add other useful fields. apiVersion, kind, uid? - /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names - /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Specify whether the Secret or its key must be defined +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub optional: Option, -} - -/// OpsGenieConfig configures notifications via OpsGenie. -/// See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigs { - /// Comma separated list of actions that will be available for the alert. + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversMsteamsConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// MSTeams webhook URL. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversMsteamsConfigsWebhookUrl { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// OpsGenieConfig configures notifications via OpsGenie. +/// See https://prometheus.io/docs/alerting/latest/configuration/#opsgenie_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigs { + /// Comma separated list of actions that will be available for the alert. #[serde(default, skip_serializing_if = "Option::is_none")] pub actions: Option, /// The secret's key that contains the OpsGenie API key. @@ -1530,9 +1988,41 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -1608,33 +2098,53 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2ClientSecre pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -1642,18 +2152,18 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1672,7 +2182,7 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaConfig /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1691,18 +2201,18 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaSecret /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -1721,7 +2231,7 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertConf /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1740,7 +2250,7 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertSecr /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -1757,9 +2267,10 @@ pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigKeySecre pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1770,9 +2281,10 @@ pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMaxVersion Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -1783,17 +2295,192 @@ pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMinVersion Tls13, } -/// OpsGenieConfigResponder defines a responder to an incident. -/// One of `id`, `name` or `username` has to be defined. -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub struct AlertmanagerConfigReceiversOpsgenieConfigsResponders { - /// ID of the responder. +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub id: Option, - /// Name of the responder. + pub ca: Option, + /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub name: Option, - /// Type of responder. + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversOpsgenieConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// OpsGenieConfigResponder defines a responder to an incident. +/// One of `id`, `name` or `username` has to be defined. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct AlertmanagerConfigReceiversOpsgenieConfigsResponders { + /// ID of the responder. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub id: Option, + /// Name of the responder. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Type of responder. #[serde(rename = "type")] pub r#type: AlertmanagerConfigReceiversOpsgenieConfigsRespondersType, /// Username of the responder. @@ -2036,9 +2723,41 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -2114,33 +2833,53 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2ClientSecr pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -2148,18 +2887,18 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2178,7 +2917,7 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaConfi /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2197,18 +2936,18 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaSecre /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2227,7 +2966,7 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertCon /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2246,7 +2985,7 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertSec /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2263,9 +3002,10 @@ pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigKeySecr pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2276,9 +3016,10 @@ pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMaxVersio Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2289,33 +3030,208 @@ pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMinVersio Tls13, } -/// PagerDutyImageConfig attaches images to an incident -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsPagerDutyImageConfigs { - /// Alt is the optional alternative text for the image. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub alt: Option, - /// Optional URL; makes the image a clickable link. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub href: Option, - /// Src of the image being attached to the incident - #[serde(default, skip_serializing_if = "Option::is_none")] - pub src: Option, -} - -/// PagerDutyLinkConfig attaches text links to an incident +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPagerdutyConfigsPagerDutyLinkConfigs { - /// Text that describes the purpose of the link, and can be used as the link's text. +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub alt: Option, - /// Href is the URL of the link to be attached + pub ca: Option, + /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub href: Option, -} - -/// The secret's key that contains the PagerDuty integration key (when using -/// Events API v2). Either this field or `serviceKey` needs to be defined. + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversPagerdutyConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// PagerDutyImageConfig attaches images to an incident +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsPagerDutyImageConfigs { + /// Alt is the optional alternative text for the image. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub alt: Option, + /// Optional URL; makes the image a clickable link. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub href: Option, + /// Src of the image being attached to the incident + #[serde(default, skip_serializing_if = "Option::is_none")] + pub src: Option, +} + +/// PagerDutyLinkConfig attaches text links to an incident +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPagerdutyConfigsPagerDutyLinkConfigs { + /// Text that describes the purpose of the link, and can be used as the link's text. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub alt: Option, + /// Href is the URL of the link to be attached + #[serde(default, skip_serializing_if = "Option::is_none")] + pub href: Option, +} + +/// The secret's key that contains the PagerDuty integration key (when using +/// Events API v2). Either this field or `serviceKey` needs to be defined. /// The secret needs to be in the same namespace as the AlertmanagerConfig /// object and accessible by the Prometheus Operator. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] @@ -2557,9 +3473,41 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -2635,33 +3583,53 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2ClientSecre pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -2669,18 +3637,18 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2699,7 +3667,7 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaConfig /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2718,18 +3686,18 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaSecret /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -2748,7 +3716,7 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertConf /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2767,7 +3735,7 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertSecr /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -2784,9 +3752,10 @@ pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigKeySecre pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2797,9 +3766,10 @@ pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMaxVersion Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -2810,19 +3780,194 @@ pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMinVersion Tls13, } -/// The secret's key that contains the registered application's API token, see https://pushover.net/apps. -/// The secret needs to be in the same namespace as the AlertmanagerConfig -/// object and accessible by the Prometheus Operator. -/// Either `token` or `tokenFile` is required. +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversPushoverConfigsToken { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// The name of the secret in the object's namespace to select from. - pub name: String, -} - -/// The secret's key that contains the recipient user's user key. +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversPushoverConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// The secret's key that contains the registered application's API token, see https://pushover.net/apps. +/// The secret needs to be in the same namespace as the AlertmanagerConfig +/// object and accessible by the Prometheus Operator. +/// Either `token` or `tokenFile` is required. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversPushoverConfigsToken { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the object's namespace to select from. + pub name: String, +} + +/// The secret's key that contains the recipient user's user key. /// The secret needs to be in the same namespace as the AlertmanagerConfig /// object and accessible by the Prometheus Operator. /// Either `userKey` or `userKeyFile` is required. @@ -3106,9 +4251,41 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -3184,33 +4361,53 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2ClientSecret { pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -3218,18 +4415,18 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3248,7 +4445,7 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaConfigMap /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3267,18 +4464,18 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3297,7 +4494,7 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertConfigM /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3316,7 +4513,7 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertSecret /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3333,9 +4530,10 @@ pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3346,9 +4544,10 @@ pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMaxVersion { Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3359,25 +4558,200 @@ pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMinVersion { Tls13, } -/// SNSConfig configures notifications via AWS SNS. -/// See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigs { - /// The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. - /// If not specified, the SNS API URL from the SNS SDK will be used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiURL")] - pub api_url: Option, - /// SNS message attributes. +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub attributes: Option>, - /// HTTP client configuration. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] - pub http_config: Option, - /// The message content of the SNS notification. + pub ca: Option, + /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub message: Option, - /// Phone number if message is delivered via SMS in E.164 format. - /// If you don't specify this value, you must specify a value for the TopicARN or TargetARN. + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversSlackConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// SNSConfig configures notifications via AWS SNS. +/// See https://prometheus.io/docs/alerting/latest/configuration/#sns_configs +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigs { + /// The SNS API URL i.e. https://sns.us-east-2.amazonaws.com. + /// If not specified, the SNS API URL from the SNS SDK will be used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiURL")] + pub api_url: Option, + /// SNS message attributes. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub attributes: Option>, + /// HTTP client configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] + pub http_config: Option, + /// The message content of the SNS notification. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub message: Option, + /// Phone number if message is delivered via SMS in E.164 format. + /// If you don't specify this value, you must specify a value for the TopicARN or TargetARN. #[serde(default, skip_serializing_if = "Option::is_none", rename = "phoneNumber")] pub phone_number: Option, /// Whether or not to notify about resolved alerts. @@ -3548,9 +4922,41 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -3626,33 +5032,53 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2ClientSecret { pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -3660,18 +5086,18 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3690,7 +5116,7 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaConfigMap { /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3709,18 +5135,18 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -3739,7 +5165,7 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertConfigMap /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3758,7 +5184,7 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertSecret { /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -3775,9 +5201,10 @@ pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3788,9 +5215,10 @@ pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMaxVersion { Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -3801,25 +5229,200 @@ pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMinVersion { Tls13, } -/// Configures AWS's Signature Verification 4 signing process to sign requests. +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversSnsConfigsSigv4 { - /// AccessKey is the AWS API key. If not specified, the environment variable - /// `AWS_ACCESS_KEY_ID` is used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKey")] - pub access_key: Option, - /// Profile is the named AWS profile used to authenticate. +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub profile: Option, - /// Region is the AWS region. If blank, the region from the default credentials chain used. + pub ca: Option, + /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub region: Option, - /// RoleArn is the named AWS profile used to authenticate. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleArn")] - pub role_arn: Option, - /// SecretKey is the AWS API secret. If not specified, the environment - /// variable `AWS_SECRET_ACCESS_KEY` is used. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKey")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversSnsConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// Configures AWS's Signature Verification 4 signing process to sign requests. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversSnsConfigsSigv4 { + /// AccessKey is the AWS API key. If not specified, the environment variable + /// `AWS_ACCESS_KEY_ID` is used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessKey")] + pub access_key: Option, + /// Profile is the named AWS profile used to authenticate. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub profile: Option, + /// Region is the AWS region. If blank, the region from the default credentials chain used. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub region: Option, + /// RoleArn is the named AWS profile used to authenticate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "roleArn")] + pub role_arn: Option, + /// SecretKey is the AWS API secret. If not specified, the environment + /// variable `AWS_SECRET_ACCESS_KEY` is used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretKey")] pub secret_key: Option, } @@ -4069,9 +5672,41 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -4147,33 +5782,53 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2ClientSecre pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -4181,18 +5836,18 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4211,7 +5866,7 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaConfig /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4230,18 +5885,18 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaSecret /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4260,7 +5915,7 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertConf /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4279,7 +5934,7 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertSecr /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4296,9 +5951,10 @@ pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigKeySecre pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -4309,9 +5965,10 @@ pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMaxVersion Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -4322,27 +5979,202 @@ pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMinVersion Tls13, } -/// TelegramConfig configures notifications via Telegram. -/// See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config -#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversTelegramConfigsParseMode { - MarkdownV2, - Markdown, - #[serde(rename = "HTML")] - Html, -} - -/// VictorOpsConfig configures notifications via VictorOps. -/// See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigs { - /// The secret's key that contains the API key to use when talking to the VictorOps API. - /// The secret needs to be in the same namespace as the AlertmanagerConfig - /// object and accessible by the Prometheus Operator. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKey")] - pub api_key: Option, - /// The VictorOps API URL. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiUrl")] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversTelegramConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TelegramConfig configures notifications via Telegram. +/// See https://prometheus.io/docs/alerting/latest/configuration/#telegram_config +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversTelegramConfigsParseMode { + MarkdownV2, + Markdown, + #[serde(rename = "HTML")] + Html, +} + +/// VictorOpsConfig configures notifications via VictorOps. +/// See https://prometheus.io/docs/alerting/latest/configuration/#victorops_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigs { + /// The secret's key that contains the API key to use when talking to the VictorOps API. + /// The secret needs to be in the same namespace as the AlertmanagerConfig + /// object and accessible by the Prometheus Operator. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiKey")] + pub api_key: Option, + /// The VictorOps API URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiUrl")] pub api_url: Option, /// Additional custom fields for notification. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customFields")] @@ -4539,9 +6371,41 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -4617,33 +6481,53 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2ClientSecr pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -4651,18 +6535,18 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4681,7 +6565,7 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaConfi /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4700,18 +6584,18 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaSecre /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -4730,7 +6614,7 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertCon /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4749,7 +6633,7 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertSec /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -4766,9 +6650,10 @@ pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigKeySecr pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -4779,9 +6664,10 @@ pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMaxVersio Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -4792,19 +6678,194 @@ pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMinVersio Tls13, } -/// WebexConfig configures notification via Cisco Webex -/// See https://prometheus.io/docs/alerting/latest/configuration/#webex_config +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigs { - /// The Webex Teams API URL i.e. https://webexapis.com/v1/messages - #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiURL")] - pub api_url: Option, - /// The HTTP client's configuration. - /// You must use this configuration to supply the bot token as part of the HTTP `Authorization` header. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] - pub http_config: Option, - /// Message template - #[serde(default, skip_serializing_if = "Option::is_none")] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversVictoropsConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// WebexConfig configures notification via Cisco Webex +/// See https://prometheus.io/docs/alerting/latest/configuration/#webex_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigs { + /// The Webex Teams API URL i.e. https://webexapis.com/v1/messages + #[serde(default, skip_serializing_if = "Option::is_none", rename = "apiURL")] + pub api_url: Option, + /// The HTTP client's configuration. + /// You must use this configuration to supply the bot token as part of the HTTP `Authorization` header. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] + pub http_config: Option, + /// Message template + #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, /// ID of the Webex Teams room where to send the messages. #[serde(rename = "roomID")] @@ -4964,9 +7025,41 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -5042,33 +7135,53 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2ClientSecret { pub optional: Option, } -/// TLS configuration for the client. +/// SecretKeySelector selects a key of a Secret. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfig { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfig { /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub ca: Option, + pub ca: Option, /// Client certificate to present when doing client-authentication. #[serde(default, skip_serializing_if = "Option::is_none")] - pub cert: Option, + pub cert: Option, /// Disable target certificate validation. #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] pub insecure_skip_verify: Option, /// Secret containing the client key file for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] - pub key_secret: Option, + pub key_secret: Option, /// Maximum acceptable TLS version. /// /// /// It requires Prometheus >= v2.41.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] - pub max_version: Option, + pub max_version: Option, /// Minimum acceptable TLS version. /// /// /// It requires Prometheus >= v2.35.0. #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] - pub min_version: Option, + pub min_version: Option, /// Used to verify the hostname for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] pub server_name: Option, @@ -5076,18 +7189,18 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfig { /// Certificate authority used when verifying server certificates. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCa { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCa { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaConfigMap { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCaConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -5106,7 +7219,7 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaConfigMap /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaSecret { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5125,18 +7238,18 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaSecret { /// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCert { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertConfigMap { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -5155,7 +7268,7 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertConfigM /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertSecret { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5174,7 +7287,7 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertSecret /// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigKeySecret { +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5191,9 +7304,10 @@ pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigKeySecret { pub optional: Option, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMaxVersion { +pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigMaxVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -5204,9 +7318,10 @@ pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMaxVersion { Tls13, } -/// TLS configuration for the client. +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. #[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] -pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMinVersion { +pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigOauth2TlsConfigMinVersion { #[serde(rename = "TLS10")] Tls10, #[serde(rename = "TLS11")] @@ -5217,26 +7332,201 @@ pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMinVersion { Tls13, } -/// WebhookConfig configures notifications via a generic receiver supporting the webhook payload. -/// See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config +/// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigs { - /// HTTP client configuration. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] - pub http_config: Option, - /// Maximum number of alerts to be sent per webhook message. When 0, all alerts are included. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxAlerts")] - pub max_alerts: Option, - /// Whether or not to notify about resolved alerts. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "sendResolved")] - pub send_resolved: Option, - /// The URL to send HTTP POST requests to. `urlSecret` takes precedence over - /// `url`. One of `urlSecret` and `url` should be defined. +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfig { + /// Certificate authority used when verifying server certificates. #[serde(default, skip_serializing_if = "Option::is_none")] - pub url: Option, - /// The secret's key that contains the webhook URL to send HTTP requests to. - /// `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` - /// should be defined. + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration for the client. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWebexConfigsHttpConfigTlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// WebhookConfig configures notifications via a generic receiver supporting the webhook payload. +/// See https://prometheus.io/docs/alerting/latest/configuration/#webhook_config +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigs { + /// HTTP client configuration. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpConfig")] + pub http_config: Option, + /// Maximum number of alerts to be sent per webhook message. When 0, all alerts are included. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxAlerts")] + pub max_alerts: Option, + /// Whether or not to notify about resolved alerts. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "sendResolved")] + pub send_resolved: Option, + /// The URL to send HTTP POST requests to. `urlSecret` takes precedence over + /// `url`. One of `urlSecret` and `url` should be defined. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub url: Option, + /// The secret's key that contains the webhook URL to send HTTP requests to. + /// `urlSecret` takes precedence over `url`. One of `urlSecret` and `url` + /// should be defined. /// The secret needs to be in the same namespace as the AlertmanagerConfig /// object and accessible by the Prometheus Operator. #[serde(default, skip_serializing_if = "Option::is_none", rename = "urlSecret")] @@ -5340,15 +7630,253 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBasicAuthPassword /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, - /// Specify whether the Secret or its key must be defined + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `username` specifies a key of a Secret containing the username for +/// authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBasicAuthUsername { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// The secret's key that contains the bearer token to be used by the client +/// for authentication. +/// The secret needs to be in the same namespace as the AlertmanagerConfig +/// object and accessible by the Prometheus Operator. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBearerTokenSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// The name of the secret in the object's namespace to select from. + pub name: String, +} + +/// OAuth2 client credentials used to fetch a token for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2 { + /// `clientId` specifies a key of a Secret or ConfigMap containing the + /// OAuth2 client's ID. + #[serde(rename = "clientId")] + pub client_id: AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientId, + /// `clientSecret` specifies a key of a Secret containing the OAuth2 + /// client's secret. + #[serde(rename = "clientSecret")] + pub client_secret: AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientSecret, + /// `endpointParams` configures the HTTP parameters to append to the token + /// URL. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] + pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, + /// `scopes` defines the OAuth2 scopes used for the token request. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, + /// `tokenURL` configures the URL to fetch the token from. + #[serde(rename = "tokenUrl")] + pub token_url: String, +} + +/// `clientId` specifies a key of a Secret or ConfigMap containing the +/// OAuth2 client's ID. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientId { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// `clientSecret` specifies a key of a Secret containing the OAuth2 +/// client's secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined #[serde(default, skip_serializing_if = "Option::is_none")] pub optional: Option, } -/// `username` specifies a key of a Secret containing the username for -/// authentication. +/// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBasicAuthUsername { +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCaSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5365,56 +7893,20 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBasicAuthUsername pub optional: Option, } -/// The secret's key that contains the bearer token to be used by the client -/// for authentication. -/// The secret needs to be in the same namespace as the AlertmanagerConfig -/// object and accessible by the Prometheus Operator. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigBearerTokenSecret { - /// The key of the secret to select from. Must be a valid secret key. - pub key: String, - /// The name of the secret in the object's namespace to select from. - pub name: String, -} - -/// OAuth2 client credentials used to fetch a token for the targets. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2 { - /// `clientId` specifies a key of a Secret or ConfigMap containing the - /// OAuth2 client's ID. - #[serde(rename = "clientId")] - pub client_id: AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientId, - /// `clientSecret` specifies a key of a Secret containing the OAuth2 - /// client's secret. - #[serde(rename = "clientSecret")] - pub client_secret: AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientSecret, - /// `endpointParams` configures the HTTP parameters to append to the token - /// URL. - #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] - pub endpoint_params: Option>, - /// `scopes` defines the OAuth2 scopes used for the token request. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub scopes: Option>, - /// `tokenURL` configures the URL to fetch the token from. - #[serde(rename = "tokenUrl")] - pub token_url: String, -} - -/// `clientId` specifies a key of a Secret or ConfigMap containing the -/// OAuth2 client's ID. +/// Client certificate to present when doing client-authentication. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientId { +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCert { /// ConfigMap containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] - pub config_map: Option, + pub config_map: Option, /// Secret containing data to use for the targets. #[serde(default, skip_serializing_if = "Option::is_none")] - pub secret: Option, + pub secret: Option, } /// ConfigMap containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdConfigMap { +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCertConfigMap { /// The key to select. pub key: String, /// Name of the referent. @@ -5433,7 +7925,7 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdConf /// Secret containing data to use for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdSecret { +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigCertSecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5450,10 +7942,9 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientIdSecr pub optional: Option, } -/// `clientSecret` specifies a key of a Secret containing the OAuth2 -/// client's secret. +/// Secret containing the client key file for the targets. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientSecret { +pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigKeySecret { /// The key of the secret to select from. Must be a valid secret key. pub key: String, /// Name of the referent. @@ -5470,6 +7961,34 @@ pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2ClientSecret pub optional: Option, } +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWebhookConfigsHttpConfigOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerConfigReceiversWebhookConfigsHttpConfigTlsConfig { @@ -5854,9 +8373,41 @@ pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2 { /// URL. #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointParams")] pub endpoint_params: Option>, + /// `noProxy` is a comma-separated string that can contain IPs, CIDR notation, domain names + /// that should be excluded from proxying. IP and domain names can + /// contain port numbers. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "noProxy")] + pub no_proxy: Option, + /// ProxyConnectHeader optionally specifies headers to send to + /// proxies during CONNECT requests. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyConnectHeader")] + pub proxy_connect_header: Option>, + /// Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). + /// If unset, Prometheus uses its default value. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyFromEnvironment")] + pub proxy_from_environment: Option, + /// `proxyURL` defines the HTTP proxy server to use. + /// + /// + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "proxyUrl")] + pub proxy_url: Option, /// `scopes` defines the OAuth2 scopes used for the token request. #[serde(default, skip_serializing_if = "Option::is_none")] pub scopes: Option>, + /// TLS configuration to use when connecting to the OAuth2 server. + /// It requires Prometheus >= v2.43.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "tlsConfig")] + pub tls_config: Option, /// `tokenURL` configures the URL to fetch the token from. #[serde(rename = "tokenUrl")] pub token_url: String, @@ -5932,6 +8483,203 @@ pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2ClientSecret pub optional: Option, } +/// SecretKeySelector selects a key of a Secret. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2ProxyConnectHeader { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfig { + /// Certificate authority used when verifying server certificates. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub ca: Option, + /// Client certificate to present when doing client-authentication. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub cert: Option, + /// Disable target certificate validation. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "insecureSkipVerify")] + pub insecure_skip_verify: Option, + /// Secret containing the client key file for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "keySecret")] + pub key_secret: Option, + /// Maximum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.41.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "maxVersion")] + pub max_version: Option, + /// Minimum acceptable TLS version. + /// + /// + /// It requires Prometheus >= v2.35.0. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "minVersion")] + pub min_version: Option, + /// Used to verify the hostname for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "serverName")] + pub server_name: Option, +} + +/// Certificate authority used when verifying server certificates. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCa { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCaConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCaSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Client certificate to present when doing client-authentication. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCert { + /// ConfigMap containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] + pub config_map: Option, + /// Secret containing data to use for the targets. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub secret: Option, +} + +/// ConfigMap containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCertConfigMap { + /// The key to select. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the ConfigMap or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing data to use for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigCertSecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// Secret containing the client key file for the targets. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigKeySecret { + /// The key of the secret to select from. Must be a valid secret key. + pub key: String, + /// Name of the referent. + /// This field is effectively required, but due to backwards compatibility is + /// allowed to be empty. Instances of this type with an empty value here are + /// almost certainly wrong. + /// TODO: Add other useful fields. apiVersion, kind, uid? + /// More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + /// TODO: Drop `kubebuilder:default` when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// Specify whether the Secret or its key must be defined + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigMaxVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + +/// TLS configuration to use when connecting to the OAuth2 server. +/// It requires Prometheus >= v2.43.0. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum AlertmanagerConfigReceiversWechatConfigsHttpConfigOauth2TlsConfigMinVersion { + #[serde(rename = "TLS10")] + Tls10, + #[serde(rename = "TLS11")] + Tls11, + #[serde(rename = "TLS12")] + Tls12, + #[serde(rename = "TLS13")] + Tls13, +} + /// TLS configuration for the client. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct AlertmanagerConfigReceiversWechatConfigsHttpConfigTlsConfig { diff --git a/kube-custom-resources-rs/src/mq_services_k8s_aws/v1alpha1/brokers.rs b/kube-custom-resources-rs/src/mq_services_k8s_aws/v1alpha1/brokers.rs index 0d2436704..b17afc1f7 100644 --- a/kube-custom-resources-rs/src/mq_services_k8s_aws/v1alpha1/brokers.rs +++ b/kube-custom-resources-rs/src/mq_services_k8s_aws/v1alpha1/brokers.rs @@ -176,6 +176,8 @@ pub struct BrokerSecurityGroupRefs { pub struct BrokerSecurityGroupRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -200,6 +202,8 @@ pub struct BrokerSubnetRefs { pub struct BrokerSubnetRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// A user associated with the broker. For RabbitMQ brokers, one and only one diff --git a/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewalls.rs b/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewalls.rs index 3f07f9307..d55bea3ab 100644 --- a/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewalls.rs +++ b/kube-custom-resources-rs/src/networkfirewall_services_k8s_aws/v1alpha1/firewalls.rs @@ -95,8 +95,8 @@ pub struct FirewallEncryptionConfiguration { /// traffic in the subnet's Availability Zone. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FirewallSubnetMappings { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "iPAddressType")] - pub i_p_address_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipAddressType")] + pub ip_address_type: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetID")] pub subnet_id: Option, } @@ -222,8 +222,8 @@ pub struct FirewallStatusFirewallEncryptionConfiguration { /// traffic in the subnet's Availability Zone. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct FirewallStatusFirewallSubnetMappings { - #[serde(default, skip_serializing_if = "Option::is_none", rename = "iPAddressType")] - pub i_p_address_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipAddressType")] + pub ip_address_type: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "subnetID")] pub subnet_id: Option, } diff --git a/kube-custom-resources-rs/src/opensearchservice_services_k8s_aws/v1alpha1/domains.rs b/kube-custom-resources-rs/src/opensearchservice_services_k8s_aws/v1alpha1/domains.rs index 0aaa401d6..75c374635 100644 --- a/kube-custom-resources-rs/src/opensearchservice_services_k8s_aws/v1alpha1/domains.rs +++ b/kube-custom-resources-rs/src/opensearchservice_services_k8s_aws/v1alpha1/domains.rs @@ -20,69 +20,112 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct DomainSpec { - /// IAM access policy as a JSON-formatted string. + /// Identity and Access Management (IAM) policy document specifying the access + /// policies for the new domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "accessPolicies")] pub access_policies: Option, - /// Option to allow references to indices in an HTTP request body. Must be false - /// when configuring access to individual sub-resources. By default, the value - /// is true. See Advanced cluster parameters (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options) - /// for more information. + /// Key-value pairs to specify advanced configuration options. The following + /// key-value pairs are supported: + /// + /// + /// * "rest.action.multi.allow_explicit_index": "true" | "false" - Note the + /// use of a string rather than a boolean. Specifies whether explicit references + /// to indexes are allowed inside the body of HTTP requests. If you want to + /// configure access policies for domain sub-resources, such as specific indexes + /// and domain APIs, you must disable this property. Default is true. + /// + /// + /// * "indices.fielddata.cache.size": "80" - Note the use of a string rather + /// than a boolean. Specifies the percentage of heap space allocated to field + /// data. Default is unbounded. + /// + /// + /// * "indices.query.bool.max_clause_count": "1024" - Note the use of a string + /// rather than a boolean. Specifies the maximum number of clauses allowed + /// in a Lucene boolean query. Default is 1,024. Queries with more than the + /// permitted number of clauses result in a TooManyClauses error. + /// + /// + /// * "override_main_response_version": "true" | "false" - Note the use of + /// a string rather than a boolean. Specifies whether the domain reports its + /// version as 7.10 to allow Elasticsearch OSS clients and plugins to continue + /// working with it. Default is false when creating a domain and true when + /// upgrading a domain. + /// + /// + /// For more information, see Advanced cluster parameters (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomain-configure-advanced-options). #[serde(default, skip_serializing_if = "Option::is_none", rename = "advancedOptions")] pub advanced_options: Option>, - /// Specifies advanced security options. + /// Options for fine-grained access control. #[serde(default, skip_serializing_if = "Option::is_none", rename = "advancedSecurityOptions")] pub advanced_security_options: Option, - /// Specifies Auto-Tune options. + /// Options for all machine learning features for the specified domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "aimlOptions")] + pub aiml_options: Option, + /// Options for Auto-Tune. #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoTuneOptions")] pub auto_tune_options: Option, - /// Configuration options for a domain. Specifies the instance type and number - /// of instances in the domain. + /// Container for the cluster configuration of a domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterConfig")] pub cluster_config: Option, - /// Options to specify the Cognito user and identity pools for OpenSearch Dashboards - /// authentication. For more information, see Configuring Amazon Cognito authentication - /// for OpenSearch Dashboards (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html). + /// Key-value pairs to configure Amazon Cognito authentication. For more information, + /// see Configuring Amazon Cognito authentication for OpenSearch Dashboards (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "cognitoOptions")] pub cognito_options: Option, - /// Options to specify configurations that will be applied to the domain endpoint. + /// Additional options for the domain endpoint, such as whether to require HTTPS + /// for all traffic. #[serde(default, skip_serializing_if = "Option::is_none", rename = "domainEndpointOptions")] pub domain_endpoint_options: Option, - /// Options to enable, disable, and specify the type and size of EBS storage - /// volumes. + /// Container for the parameters required to enable EBS-based storage for an + /// OpenSearch Service domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "ebsOptions")] pub ebs_options: Option, - /// Options for encryption of data at rest. + /// Key-value pairs to enable encryption at rest. #[serde(default, skip_serializing_if = "Option::is_none", rename = "encryptionAtRestOptions")] pub encryption_at_rest_options: Option, /// String of format Elasticsearch_X.Y or OpenSearch_X.Y to specify the engine - /// version for the Amazon OpenSearch Service domain. For example, "OpenSearch_1.0" - /// or "Elasticsearch_7.9". For more information, see Creating and managing Amazon - /// OpenSearch Service domains (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains). + /// version for the OpenSearch Service domain. For example, OpenSearch_1.0 or + /// Elasticsearch_7.9. For more information, see Creating and managing Amazon + /// OpenSearch Service domains (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/createupdatedomains.html#createdomains). #[serde(default, skip_serializing_if = "Option::is_none", rename = "engineVersion")] pub engine_version: Option, - /// Map of LogType and LogPublishingOption, each containing options to publish - /// a given type of OpenSearch log. + /// Specify either dual stack or IPv4 as your IP address type. Dual stack allows + /// you to share domain resources across IPv4 and IPv6 address types, and is + /// the recommended option. If you set your IP address type to dual stack, you + /// can't change your address type later. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipAddressType")] + pub ip_address_type: Option, + /// Key-value pairs to configure log publishing. #[serde(default, skip_serializing_if = "Option::is_none", rename = "logPublishingOptions")] pub log_publishing_options: Option>, - /// The name of the Amazon OpenSearch Service domain you're creating. Domain - /// names are unique across the domains owned by an account within an AWS region. - /// Domain names must start with a lowercase letter and can contain the following - /// characters: a-z (lowercase), 0-9, and - (hyphen). + /// Name of the OpenSearch Service domain to create. Domain names are unique + /// across the domains owned by an account within an Amazon Web Services Region. pub name: String, - /// Node-to-node encryption options. + /// Enables node-to-node encryption. #[serde(default, skip_serializing_if = "Option::is_none", rename = "nodeToNodeEncryptionOptions")] pub node_to_node_encryption_options: Option, - /// A list of Tag added during domain creation. + /// Specifies a daily 10-hour time block during which OpenSearch Service can + /// perform configuration changes on the domain, including service software updates + /// and Auto-Tune enhancements that require a blue/green deployment. If no options + /// are specified, the default start time of 10:00 P.M. local time (for the Region + /// that the domain is created in) is used. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "offPeakWindowOptions")] + pub off_peak_window_options: Option, + /// Software update options for the domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "softwareUpdateOptions")] + pub software_update_options: Option, + /// List of tags to add to the domain upon creation. #[serde(default, skip_serializing_if = "Option::is_none")] pub tags: Option>, - /// Options to specify the subnets and security groups for a VPC endpoint. For - /// more information, see Launching your Amazon OpenSearch Service domains using - /// a VPC (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html). + /// Container for the values required to configure VPC access domains. If you + /// don't specify these values, OpenSearch Service creates the domain with a + /// public endpoint. For more information, see Launching your Amazon OpenSearch + /// Service domains using a VPC (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "vpcOptions")] pub vpc_options: Option, } -/// Specifies advanced security options. +/// Options for fine-grained access control. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainAdvancedSecurityOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "anonymousAuthEnabled")] @@ -91,20 +134,38 @@ pub struct DomainAdvancedSecurityOptions { pub enabled: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "internalUserDatabaseEnabled")] pub internal_user_database_enabled: Option, - /// Credentials for the master user: username and password, ARN, or both. + /// The JWT authentication and authorization configuration for an Amazon OpenSearch + /// Service domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "jwtOptions")] + pub jwt_options: Option, + /// Credentials for the master user for a domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "masterUserOptions")] pub master_user_options: Option, - /// The SAML application configuration for the domain. + /// The SAML authentication configuration for an Amazon OpenSearch Service domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "sAMLOptions")] pub s_aml_options: Option, } -/// Credentials for the master user: username and password, ARN, or both. +/// The JWT authentication and authorization configuration for an Amazon OpenSearch +/// Service domain. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DomainAdvancedSecurityOptionsJwtOptions { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "publicKey")] + pub public_key: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "rolesKey")] + pub roles_key: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "subjectKey")] + pub subject_key: Option, +} + +/// Credentials for the master user for a domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainAdvancedSecurityOptionsMasterUserOptions { /// The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities - /// (http://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using AWS - /// Identity and Access Management for more information. + /// (https://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using Amazon + /// Web Services Identity and Access Management for more information. #[serde(default, skip_serializing_if = "Option::is_none", rename = "masterUserARN")] pub master_user_arn: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "masterUserName")] @@ -129,12 +190,12 @@ pub struct DomainAdvancedSecurityOptionsMasterUserOptionsMasterUserPassword { pub namespace: Option, } -/// The SAML application configuration for the domain. +/// The SAML authentication configuration for an Amazon OpenSearch Service domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainAdvancedSecurityOptionsSAmlOptions { #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, - /// The SAML identity povider's information. + /// The SAML identity povider information. #[serde(default, skip_serializing_if = "Option::is_none")] pub idp: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "masterBackendRole")] @@ -149,7 +210,7 @@ pub struct DomainAdvancedSecurityOptionsSAmlOptions { pub subject_key: Option, } -/// The SAML identity povider's information. +/// The SAML identity povider information. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainAdvancedSecurityOptionsSAmlOptionsIdp { #[serde(default, skip_serializing_if = "Option::is_none", rename = "entityID")] @@ -158,7 +219,24 @@ pub struct DomainAdvancedSecurityOptionsSAmlOptionsIdp { pub metadata_content: Option, } -/// Specifies Auto-Tune options. +/// Options for all machine learning features for the specified domain. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DomainAimlOptions { + /// Container for parameters required to enable the natural language query generation + /// feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "naturalLanguageQueryGenerationOptions")] + pub natural_language_query_generation_options: Option, +} + +/// Container for parameters required to enable the natural language query generation +/// feature. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DomainAimlOptionsNaturalLanguageQueryGenerationOptions { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "desiredState")] + pub desired_state: Option, +} + +/// Options for Auto-Tune. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainAutoTuneOptions { /// The Auto-Tune desired state. Valid values are ENABLED and DISABLED. @@ -166,46 +244,47 @@ pub struct DomainAutoTuneOptions { pub desired_state: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "maintenanceSchedules")] pub maintenance_schedules: Option>, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "useOffPeakWindow")] + pub use_off_peak_window: Option, } -/// Specifies the Auto-Tune maintenance schedule. See Auto-Tune for Amazon OpenSearch -/// Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) -/// for more information. +/// This object is deprecated. Use the domain's off-peak window (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html) +/// to schedule Auto-Tune optimizations. For migration instructions, see Migrating +/// from Auto-Tune maintenance windows (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html#off-peak-migrate). +/// +/// +/// The Auto-Tune maintenance schedule. For more information, see Auto-Tune for +/// Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainAutoTuneOptionsMaintenanceSchedules { #[serde(default, skip_serializing_if = "Option::is_none", rename = "cronExpressionForRecurrence")] pub cron_expression_for_recurrence: Option, - /// The maintenance schedule duration: duration value and duration unit. See - /// Auto-Tune for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) - /// for more information. + /// The duration of a maintenance schedule. For more information, see Auto-Tune + /// for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html). #[serde(default, skip_serializing_if = "Option::is_none")] pub duration: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "startAt")] pub start_at: Option, } -/// The maintenance schedule duration: duration value and duration unit. See -/// Auto-Tune for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) -/// for more information. +/// The duration of a maintenance schedule. For more information, see Auto-Tune +/// for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainAutoTuneOptionsMaintenanceSchedulesDuration { - /// The unit of a maintenance schedule duration. Valid value is HOUR. See Auto-Tune - /// for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) - /// for more information. + /// The unit of a maintenance schedule duration. Valid value is HOUR. #[serde(default, skip_serializing_if = "Option::is_none")] pub unit: Option, - /// Integer to specify the value of a maintenance schedule duration. See Auto-Tune - /// for Amazon OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/auto-tune.html) - /// for more information. + /// Integer that specifies the value of a maintenance schedule duration. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } -/// Configuration options for a domain. Specifies the instance type and number -/// of instances in the domain. +/// Container for the cluster configuration of a domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainClusterConfig { - /// Specifies the configuration for cold storage options such as enabled + /// Container for the parameters required to enable cold storage for an OpenSearch + /// Service domain. For more information, see Cold storage for Amazon OpenSearch + /// Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cold-storage.html). #[serde(default, skip_serializing_if = "Option::is_none", rename = "coldStorageOptions")] pub cold_storage_options: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "dedicatedMasterCount")] @@ -218,38 +297,39 @@ pub struct DomainClusterConfig { pub instance_count: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "instanceType")] pub instance_type: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "multiAZWithStandbyEnabled")] + pub multi_az_with_standby_enabled: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "warmCount")] pub warm_count: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "warmEnabled")] pub warm_enabled: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "warmType")] pub warm_type: Option, - /// The zone awareness configuration for the domain cluster, such as the number - /// of availability zones. + /// The zone awareness configuration for an Amazon OpenSearch Service domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "zoneAwarenessConfig")] pub zone_awareness_config: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "zoneAwarenessEnabled")] pub zone_awareness_enabled: Option, } -/// Specifies the configuration for cold storage options such as enabled +/// Container for the parameters required to enable cold storage for an OpenSearch +/// Service domain. For more information, see Cold storage for Amazon OpenSearch +/// Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cold-storage.html). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainClusterConfigColdStorageOptions { #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, } -/// The zone awareness configuration for the domain cluster, such as the number -/// of availability zones. +/// The zone awareness configuration for an Amazon OpenSearch Service domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainClusterConfigZoneAwarenessConfig { #[serde(default, skip_serializing_if = "Option::is_none", rename = "availabilityZoneCount")] pub availability_zone_count: Option, } -/// Options to specify the Cognito user and identity pools for OpenSearch Dashboards -/// authentication. For more information, see Configuring Amazon Cognito authentication -/// for OpenSearch Dashboards (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html). +/// Key-value pairs to configure Amazon Cognito authentication. For more information, +/// see Configuring Amazon Cognito authentication for OpenSearch Dashboards (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainCognitoOptions { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -262,14 +342,15 @@ pub struct DomainCognitoOptions { pub user_pool_id: Option, } -/// Options to specify configurations that will be applied to the domain endpoint. +/// Additional options for the domain endpoint, such as whether to require HTTPS +/// for all traffic. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainDomainEndpointOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "customEndpoint")] pub custom_endpoint: Option, /// The Amazon Resource Name (ARN) of the domain. See Identifiers for IAM Entities - /// (http://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using AWS - /// Identity and Access Management for more information. + /// (https://docs.aws.amazon.com/IAM/latest/UserGuide/index.html) in Using Amazon + /// Web Services Identity and Access Management for more information. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customEndpointCertificateARN")] pub custom_endpoint_certificate_arn: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "customEndpointEnabled")] @@ -280,8 +361,8 @@ pub struct DomainDomainEndpointOptions { pub tls_security_policy: Option, } -/// Options to enable, disable, and specify the type and size of EBS storage -/// volumes. +/// Container for the parameters required to enable EBS-based storage for an +/// OpenSearch Service domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainEbsOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "ebsEnabled")] @@ -292,14 +373,13 @@ pub struct DomainEbsOptions { pub throughput: Option, #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeSize")] pub volume_size: Option, - /// The type of EBS volume, standard, gp2, gp3 or io1. See Configuring EBS-based - /// Storage (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/opensearch-createupdatedomains.html#opensearch-createdomain-configure-ebs) - /// for more information. + /// The type of EBS volume that a domain uses. For more information, see Configuring + /// EBS-based storage (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/opensearch-createupdatedomains.html#opensearch-createdomain-configure-ebs). #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeType")] pub volume_type: Option, } -/// Options for encryption of data at rest. +/// Key-value pairs to enable encryption at rest. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainEncryptionAtRestOptions { #[serde(default, skip_serializing_if = "Option::is_none")] @@ -308,8 +388,7 @@ pub struct DomainEncryptionAtRestOptions { pub kms_key_id: Option, } -/// Map of LogType and LogPublishingOption, each containing options to publish -/// a given type of OpenSearch log. +/// Key-value pairs to configure log publishing. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainLogPublishingOptions { /// ARN of the Cloudwatch log group to publish logs to. @@ -319,29 +398,92 @@ pub struct DomainLogPublishingOptions { pub enabled: Option, } -/// Node-to-node encryption options. +/// Enables node-to-node encryption. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainNodeToNodeEncryptionOptions { #[serde(default, skip_serializing_if = "Option::is_none")] pub enabled: Option, } -/// A key value pair for a resource tag. +/// Specifies a daily 10-hour time block during which OpenSearch Service can +/// perform configuration changes on the domain, including service software updates +/// and Auto-Tune enhancements that require a blue/green deployment. If no options +/// are specified, the default start time of 10:00 P.M. local time (for the Region +/// that the domain is created in) is used. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DomainOffPeakWindowOptions { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub enabled: Option, + /// A custom 10-hour, low-traffic window during which OpenSearch Service can + /// perform mandatory configuration changes on the domain. These actions can + /// include scheduled service software updates and blue/green Auto-Tune enhancements. + /// OpenSearch Service will schedule these actions during the window that you + /// specify. + /// + /// + /// If you don't specify a window start time, it defaults to 10:00 P.M. local + /// time. + /// + /// + /// For more information, see Defining off-peak maintenance windows for Amazon + /// OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "offPeakWindow")] + pub off_peak_window: Option, +} + +/// A custom 10-hour, low-traffic window during which OpenSearch Service can +/// perform mandatory configuration changes on the domain. These actions can +/// include scheduled service software updates and blue/green Auto-Tune enhancements. +/// OpenSearch Service will schedule these actions during the window that you +/// specify. +/// +/// +/// If you don't specify a window start time, it defaults to 10:00 P.M. local +/// time. +/// +/// +/// For more information, see Defining off-peak maintenance windows for Amazon +/// OpenSearch Service (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/off-peak.html). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DomainOffPeakWindowOptionsOffPeakWindow { + /// The desired start time for an off-peak maintenance window (https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_OffPeakWindow.html). + #[serde(default, skip_serializing_if = "Option::is_none", rename = "windowStartTime")] + pub window_start_time: Option, +} + +/// The desired start time for an off-peak maintenance window (https://docs.aws.amazon.com/opensearch-service/latest/APIReference/API_OffPeakWindow.html). +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DomainOffPeakWindowOptionsOffPeakWindowWindowStartTime { + #[serde(default, skip_serializing_if = "Option::is_none")] + pub hours: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub minutes: Option, +} + +/// Software update options for the domain. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DomainSoftwareUpdateOptions { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "autoSoftwareUpdateEnabled")] + pub auto_software_update_enabled: Option, +} + +/// A tag (key-value pair) for an Amazon OpenSearch Service resource. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainTags { - /// A string of length from 1 to 128 characters that specifies the key for a - /// tag. Tag keys must be unique for the domain to which they're attached. + /// A string between 1 to 128 characters that specifies the key for a tag. Tag + /// keys must be unique for the domain to which they're attached. #[serde(default, skip_serializing_if = "Option::is_none")] pub key: Option, - /// A string of length from 0 to 256 characters that specifies the value for - /// a tag. Tag values can be null and don't have to be unique in a tag set. + /// A string between 0 to 256 characters that specifies the value for a tag. + /// Tag values can be null and don't have to be unique in a tag set. #[serde(default, skip_serializing_if = "Option::is_none")] pub value: Option, } -/// Options to specify the subnets and security groups for a VPC endpoint. For -/// more information, see Launching your Amazon OpenSearch Service domains using -/// a VPC (http://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html). +/// Container for the values required to configure VPC access domains. If you +/// don't specify these values, OpenSearch Service creates the domain with a +/// public endpoint. For more information, see Launching your Amazon OpenSearch +/// Service domains using a VPC (https://docs.aws.amazon.com/opensearch-service/latest/developerguide/vpc.html). #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainVpcOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "securityGroupIDs")] @@ -358,7 +500,7 @@ pub struct DomainStatus { /// constructed ARN for the resource #[serde(default, skip_serializing_if = "Option::is_none", rename = "ackResourceMetadata")] pub ack_resource_metadata: Option, - /// Specifies change details of the domain configuration change. + /// Information about a configuration change happening on the domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "changeProgressDetails")] pub change_progress_details: Option, /// All CRS managed by ACK have a common `Status.Conditions` member that @@ -367,38 +509,61 @@ pub struct DomainStatus { /// resource #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, - /// The domain creation status. True if the creation of a domain is complete. - /// False if domain creation is still in progress. + /// Creation status of an OpenSearch Service domain. True if domain creation + /// is complete. False if domain creation is still in progress. #[serde(default, skip_serializing_if = "Option::is_none")] pub created: Option, - /// The domain deletion status. True if a delete request has been received for - /// the domain but resource cleanup is still in progress. False if the domain - /// has not been deleted. Once domain deletion is complete, the status of the - /// domain is no longer returned. + /// Deletion status of an OpenSearch Service domain. True if domain deletion + /// is complete. False if domain deletion is still in progress. Once deletion + /// is complete, the status of the domain is no longer returned. #[serde(default, skip_serializing_if = "Option::is_none")] pub deleted: Option, - /// The unique identifier for the specified domain. + /// The dual stack hosted zone ID for the domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "domainEndpointV2HostedZoneID")] + pub domain_endpoint_v2_hosted_zone_id: Option, + /// Unique identifier for the domain. #[serde(default, skip_serializing_if = "Option::is_none", rename = "domainID")] pub domain_id: Option, - /// The domain endpoint that you use to submit index and search requests. + /// The status of any changes that are currently in progress for the domain. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "domainProcessingStatus")] + pub domain_processing_status: Option, + /// Domain-specific endpoint used to submit index, search, and data upload requests + /// to the domain. #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoint: Option, - /// Map containing the domain endpoints used to submit index and search requests. - /// Example key, value: 'vpc','vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com'. + /// If IPAddressType to set to dualstack, a version 2 domain endpoint is provisioned. + /// This endpoint functions like a normal endpoint, except that it works with + /// both IPv4 and IPv6 IP addresses. Normal endpoints work only with IPv4 IP + /// addresses. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "endpointV2")] + pub endpoint_v2: Option, + /// The key-value pair that exists if the OpenSearch Service domain uses VPC + /// endpoints. For example: + /// + /// + /// * IPv4 IP addresses - 'vpc','vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.us-east-1.es.amazonaws.com' + /// + /// + /// * Dual stack IP addresses - 'vpcv2':'vpc-endpoint-h2dsd34efgyghrtguk5gt6j2foh4.aos.us-east-1.on.aws' #[serde(default, skip_serializing_if = "Option::is_none")] pub endpoints: Option>, - /// The status of the domain configuration. True if Amazon OpenSearch Service - /// is processing configuration changes. False if the configuration is active. + /// Information about the domain properties that are currently being modified. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "modifyingProperties")] + pub modifying_properties: Option>, + /// The status of the domain configuration. True if OpenSearch Service is processing + /// configuration changes. False if the configuration is active. #[serde(default, skip_serializing_if = "Option::is_none")] pub processing: Option, /// The current status of the domain's service software. #[serde(default, skip_serializing_if = "Option::is_none", rename = "serviceSoftwareOptions")] pub service_software_options: Option, - /// The status of the SnapshotOptions. + /// DEPRECATED. Container for parameters required to configure automated snapshots + /// of domain indexes. #[serde(default, skip_serializing_if = "Option::is_none", rename = "snapshotOptions")] pub snapshot_options: Option, - /// The status of a domain version upgrade. True if Amazon OpenSearch Service - /// is undergoing a version upgrade. False if the configuration is active. + /// The status of a domain version upgrade to a new version of OpenSearch or + /// Elasticsearch. True if OpenSearch Service is in the process of a version + /// upgrade. False if the configuration is active. #[serde(default, skip_serializing_if = "Option::is_none", rename = "upgradeProcessing")] pub upgrade_processing: Option, } @@ -426,13 +591,34 @@ pub struct DomainStatusAckResourceMetadata { pub region: String, } -/// Specifies change details of the domain configuration change. +/// Information about a configuration change happening on the domain. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainStatusChangeProgressDetails { #[serde(default, skip_serializing_if = "Option::is_none", rename = "changeID")] pub change_id: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "configChangeStatus")] + pub config_change_status: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "initiatedBy")] + pub initiated_by: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastUpdatedTime")] + pub last_updated_time: Option, #[serde(default, skip_serializing_if = "Option::is_none")] pub message: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "startTime")] + pub start_time: Option, +} + +/// Information about the domain properties that are currently being modified. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct DomainStatusModifyingProperties { + #[serde(default, skip_serializing_if = "Option::is_none", rename = "activeValue")] + pub active_value: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "pendingValue")] + pub pending_value: Option, + #[serde(default, skip_serializing_if = "Option::is_none", rename = "valueType")] + pub value_type: Option, } /// The current status of the domain's service software. @@ -456,7 +642,8 @@ pub struct DomainStatusServiceSoftwareOptions { pub update_status: Option, } -/// The status of the SnapshotOptions. +/// DEPRECATED. Container for parameters required to configure automated snapshots +/// of domain indexes. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct DomainStatusSnapshotOptions { #[serde(default, skip_serializing_if = "Option::is_none", rename = "automatedSnapshotStartHour")] diff --git a/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs b/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs index 0598d5e0a..a5849a604 100644 --- a/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs +++ b/kube-custom-resources-rs/src/org_eclipse_che/v2/checlusters.rs @@ -574,7 +574,7 @@ pub struct CheClusterComponentsDevWorkspace { /// Configuration settings related to the devfile registry used by the Che installation. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CheClusterComponentsDevfileRegistry { - /// Deployment override options. + /// Deprecated deployment override options. #[serde(default, skip_serializing_if = "Option::is_none")] pub deployment: Option, /// Disables internal devfile registry. @@ -585,7 +585,7 @@ pub struct CheClusterComponentsDevfileRegistry { pub external_devfile_registries: Option>, } -/// Deployment override options. +/// Deprecated deployment override options. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct CheClusterComponentsDevfileRegistryDeployment { /// List of containers belonging to the pod. @@ -4089,7 +4089,7 @@ pub struct CheClusterStatus { /// Currently installed Che version. #[serde(default, skip_serializing_if = "Option::is_none", rename = "cheVersion")] pub che_version: Option, - /// The public URL of the internal devfile registry. + /// Deprecated the public URL of the internal devfile registry. #[serde(default, skip_serializing_if = "Option::is_none", rename = "devfileRegistryURL")] pub devfile_registry_url: Option, /// Specifies the current phase of the gateway deployment. diff --git a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusterpropagationpolicies.rs b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusterpropagationpolicies.rs index 4f621bbb3..81e185b75 100644 --- a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusterpropagationpolicies.rs +++ b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/clusterpropagationpolicies.rs @@ -120,6 +120,10 @@ pub struct ClusterPropagationPolicySpec { /// If not specified, the policy will be dispatched by default scheduler. #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, + /// Suspension declares the policy for suspending different aspects of propagation. + /// nil means no suspension. no default values. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub suspension: Option, } /// Spec represents the desired behavior of ClusterPropagationPolicy. @@ -172,7 +176,7 @@ pub struct ClusterPropagationPolicyFailoverApplication { /// Valid options are "Immediately", "Graciously" and "Never". /// Defaults to "Graciously". #[serde(default, skip_serializing_if = "Option::is_none", rename = "purgeMode")] - pub purge_mode: Option, + pub purge_mode: Option, } /// DecisionConditions indicates the decision conditions of performing the failover process. @@ -189,6 +193,17 @@ pub struct ClusterPropagationPolicyFailoverApplicationDecisionConditions { pub toleration_seconds: Option, } +/// Application indicates failover behaviors in case of application failure. +/// If this value is nil, failover is disabled. +/// If set, the PropagateDeps should be true so that the dependencies could +/// be migrated along with the application. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterPropagationPolicyFailoverApplicationPurgeMode { + Immediately, + Graciously, + Never, +} + /// Placement represents the rule for select clusters to propagate resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterPropagationPolicyPlacement { @@ -696,3 +711,30 @@ pub struct ClusterPropagationPolicyResourceSelectorsLabelSelectorMatchExpression pub values: Option>, } +/// Suspension declares the policy for suspending different aspects of propagation. +/// nil means no suspension. no default values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterPropagationPolicySuspension { + /// Dispatching controls whether dispatching should be suspended. + /// nil means not suspend, no default value, only accepts 'true'. + /// Note: true means stop propagating to all clusters. Can not co-exist + /// with DispatchingOnClusters which is used to suspend particular clusters. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dispatching: Option, + /// DispatchingOnClusters declares a list of clusters to which the dispatching + /// should be suspended. + /// Note: Can not co-exist with Dispatching which is used to suspend all. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dispatchingOnClusters")] + pub dispatching_on_clusters: Option, +} + +/// DispatchingOnClusters declares a list of clusters to which the dispatching +/// should be suspended. +/// Note: Can not co-exist with Dispatching which is used to suspend all. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterPropagationPolicySuspensionDispatchingOnClusters { + /// ClusterNames is the list of clusters to be selected. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterNames")] + pub cluster_names: Option>, +} + diff --git a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/propagationpolicies.rs b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/propagationpolicies.rs index 57f8708a0..4430ca281 100644 --- a/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/propagationpolicies.rs +++ b/kube-custom-resources-rs/src/policy_karmada_io/v1alpha1/propagationpolicies.rs @@ -121,6 +121,10 @@ pub struct PropagationPolicySpec { /// If not specified, the policy will be dispatched by default scheduler. #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, + /// Suspension declares the policy for suspending different aspects of propagation. + /// nil means no suspension. no default values. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub suspension: Option, } /// Spec represents the desired behavior of PropagationPolicy. @@ -173,7 +177,7 @@ pub struct PropagationPolicyFailoverApplication { /// Valid options are "Immediately", "Graciously" and "Never". /// Defaults to "Graciously". #[serde(default, skip_serializing_if = "Option::is_none", rename = "purgeMode")] - pub purge_mode: Option, + pub purge_mode: Option, } /// DecisionConditions indicates the decision conditions of performing the failover process. @@ -190,6 +194,17 @@ pub struct PropagationPolicyFailoverApplicationDecisionConditions { pub toleration_seconds: Option, } +/// Application indicates failover behaviors in case of application failure. +/// If this value is nil, failover is disabled. +/// If set, the PropagateDeps should be true so that the dependencies could +/// be migrated along with the application. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum PropagationPolicyFailoverApplicationPurgeMode { + Immediately, + Graciously, + Never, +} + /// Placement represents the rule for select clusters to propagate resources. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct PropagationPolicyPlacement { @@ -697,3 +712,30 @@ pub struct PropagationPolicyResourceSelectorsLabelSelectorMatchExpressions { pub values: Option>, } +/// Suspension declares the policy for suspending different aspects of propagation. +/// nil means no suspension. no default values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PropagationPolicySuspension { + /// Dispatching controls whether dispatching should be suspended. + /// nil means not suspend, no default value, only accepts 'true'. + /// Note: true means stop propagating to all clusters. Can not co-exist + /// with DispatchingOnClusters which is used to suspend particular clusters. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dispatching: Option, + /// DispatchingOnClusters declares a list of clusters to which the dispatching + /// should be suspended. + /// Note: Can not co-exist with Dispatching which is used to suspend all. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dispatchingOnClusters")] + pub dispatching_on_clusters: Option, +} + +/// DispatchingOnClusters declares a list of clusters to which the dispatching +/// should be suspended. +/// Note: Can not co-exist with Dispatching which is used to suspend all. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct PropagationPolicySuspensionDispatchingOnClusters { + /// ClusterNames is the list of clusters to be selected. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterNames")] + pub cluster_names: Option>, +} + diff --git a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/alertmanagerdefinitions.rs b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/alertmanagerdefinitions.rs index 2774f389d..09b15233c 100644 --- a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/alertmanagerdefinitions.rs +++ b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/alertmanagerdefinitions.rs @@ -57,6 +57,8 @@ pub struct AlertManagerDefinitionWorkspaceRef { pub struct AlertManagerDefinitionWorkspaceRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AlertManagerDefinitionStatus defines the observed state of AlertManagerDefinition diff --git a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/loggingconfigurations.rs b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/loggingconfigurations.rs index 1b0b2cfff..1b0ef23c0 100644 --- a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/loggingconfigurations.rs +++ b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/loggingconfigurations.rs @@ -59,6 +59,8 @@ pub struct LoggingConfigurationWorkspaceRef { pub struct LoggingConfigurationWorkspaceRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// LoggingConfigurationStatus defines the observed state of LoggingConfiguration diff --git a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/rulegroupsnamespaces.rs b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/rulegroupsnamespaces.rs index 20fd845bf..a79917026 100644 --- a/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/rulegroupsnamespaces.rs +++ b/kube-custom-resources-rs/src/prometheusservice_services_k8s_aws/v1alpha1/rulegroupsnamespaces.rs @@ -63,6 +63,8 @@ pub struct RuleGroupsNamespaceWorkspaceRef { pub struct RuleGroupsNamespaceWorkspaceRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// RuleGroupsNamespaceStatus defines the observed state of RuleGroupsNamespace diff --git a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusters.rs b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusters.rs index ddc357902..a36925d31 100644 --- a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusters.rs +++ b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbclusters.rs @@ -1009,6 +1009,8 @@ pub struct DBClusterDbClusterParameterGroupRef { pub struct DBClusterDbClusterParameterGroupRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -1033,6 +1035,8 @@ pub struct DBClusterDbSubnetGroupRef { pub struct DBClusterDbSubnetGroupRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -1057,6 +1061,8 @@ pub struct DBClusterKmsKeyRef { pub struct DBClusterKmsKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// The password for the master database user. This password can contain any @@ -1107,6 +1113,8 @@ pub struct DBClusterMasterUserSecretKmsKeyRef { pub struct DBClusterMasterUserSecretKmsKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// For DB clusters in serverless DB engine mode, the scaling properties of the @@ -1178,6 +1186,8 @@ pub struct DBClusterVpcSecurityGroupRefs { pub struct DBClusterVpcSecurityGroupRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// DBClusterStatus defines the observed state of DBCluster diff --git a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbinstances.rs b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbinstances.rs index 7b9c0a6d7..cfba9be7f 100644 --- a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbinstances.rs +++ b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbinstances.rs @@ -1644,6 +1644,8 @@ pub struct DBInstanceDbParameterGroupRef { pub struct DBInstanceDbParameterGroupRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -1668,6 +1670,8 @@ pub struct DBInstanceDbSubnetGroupRef { pub struct DBInstanceDbSubnetGroupRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -1692,6 +1696,8 @@ pub struct DBInstanceKmsKeyRef { pub struct DBInstanceKmsKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// The password for the master user. The password can include any printable @@ -1769,6 +1775,8 @@ pub struct DBInstanceMasterUserSecretKmsKeyRef { pub struct DBInstanceMasterUserSecretKmsKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Contains the processor features of a DB instance class. @@ -1876,6 +1884,8 @@ pub struct DBInstanceVpcSecurityGroupRefs { pub struct DBInstanceVpcSecurityGroupRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// DBInstanceStatus defines the observed state of DBInstance diff --git a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbsubnetgroups.rs b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbsubnetgroups.rs index 6488aeb6e..ac9cc6ec9 100644 --- a/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbsubnetgroups.rs +++ b/kube-custom-resources-rs/src/rds_services_k8s_aws/v1alpha1/dbsubnetgroups.rs @@ -78,6 +78,8 @@ pub struct DBSubnetGroupSubnetRefs { pub struct DBSubnetGroupSubnetRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Metadata assigned to an Amazon RDS resource consisting of a key-value pair. diff --git a/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/recordsets.rs b/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/recordsets.rs index 26bba0097..aadbf635f 100644 --- a/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/recordsets.rs +++ b/kube-custom-resources-rs/src/route53_services_k8s_aws/v1alpha1/recordsets.rs @@ -773,6 +773,8 @@ pub struct RecordSetHostedZoneRef { pub struct RecordSetHostedZoneRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// Information specific to the resource record. diff --git a/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverendpoints.rs b/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverendpoints.rs index b2a172058..ae8fe8a9c 100644 --- a/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverendpoints.rs +++ b/kube-custom-resources-rs/src/route53resolver_services_k8s_aws/v1alpha1/resolverendpoints.rs @@ -99,6 +99,8 @@ pub struct ResolverEndpointIpAddressesSubnetRef { pub struct ResolverEndpointIpAddressesSubnetRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -123,6 +125,8 @@ pub struct ResolverEndpointSecurityGroupRefs { pub struct ResolverEndpointSecurityGroupRefsFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// One tag that you want to add to the specified resource. A tag consists of diff --git a/kube-custom-resources-rs/src/schemas_schemahero_io/v1alpha4/tables.rs b/kube-custom-resources-rs/src/schemas_schemahero_io/v1alpha4/tables.rs index 7243cd009..c3f458aba 100644 --- a/kube-custom-resources-rs/src/schemas_schemahero_io/v1alpha4/tables.rs +++ b/kube-custom-resources-rs/src/schemas_schemahero_io/v1alpha4/tables.rs @@ -654,7 +654,10 @@ pub struct TableSeedDataRowsColumnsValue { /// TableStatus defines the observed state of Table #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct TableStatus { - /// We store the SHA of the table spec from the last time we executed a plan to make startup less noisy by skipping re-planning objects that have been planned we cannot use the resourceVersion or generation fields because updating them would cause the object to be modified again + /// We store the SHA of the table spec from the last time we executed a plan to + /// make startup less noisy by skipping re-planning objects that have been planned + /// we cannot use the resourceVersion or generation fields because updating them + /// would cause the object to be modified again #[serde(default, skip_serializing_if = "Option::is_none", rename = "lastPlannedTableSpecSHA")] pub last_planned_table_spec_sha: Option, } diff --git a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformapplications.rs b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformapplications.rs index c06773c94..a9c67d1e8 100644 --- a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformapplications.rs +++ b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformapplications.rs @@ -122,6 +122,8 @@ pub struct PlatformApplicationEventEndpointCreatedRef { pub struct PlatformApplicationEventEndpointCreatedRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -146,6 +148,8 @@ pub struct PlatformApplicationEventEndpointDeletedRef { pub struct PlatformApplicationEventEndpointDeletedRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -170,6 +174,8 @@ pub struct PlatformApplicationEventEndpointUpdatedRef { pub struct PlatformApplicationEventEndpointUpdatedRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -194,6 +200,8 @@ pub struct PlatformApplicationFailureFeedbackRoleRef { pub struct PlatformApplicationFailureFeedbackRoleRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -218,6 +226,8 @@ pub struct PlatformApplicationSuccessFeedbackRoleRef { pub struct PlatformApplicationSuccessFeedbackRoleRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// PlatformApplicationStatus defines the observed state of PlatformApplication diff --git a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs index ede7cfdac..a06505330 100644 --- a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs +++ b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/platformendpoints.rs @@ -19,8 +19,6 @@ use self::prelude::*; #[kube(derive="Default")] #[kube(derive="PartialEq")] pub struct PlatformEndpointSpec { - /// Arbitrary user data to associate with the endpoint. Amazon SNS does not use - /// this data. The data must be in UTF-8 format and less than 2KB. #[serde(default, skip_serializing_if = "Option::is_none", rename = "customUserData")] pub custom_user_data: Option, #[serde(default, skip_serializing_if = "Option::is_none")] @@ -29,12 +27,6 @@ pub struct PlatformEndpointSpec { /// create a an endpoint. #[serde(rename = "platformApplicationARN")] pub platform_application_arn: String, - /// Unique identifier created by the notification service for an app on a device. - /// The specific name for Token will vary, depending on which notification service - /// is being used. For example, when using APNS as the notification service, - /// you need the device token. Alternatively, when using GCM (Firebase Cloud - /// Messaging) or ADM, the device token equivalent is called the registration - /// ID. pub token: String, } diff --git a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/subscriptions.rs b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/subscriptions.rs index 370ec327d..c6fb6367d 100644 --- a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/subscriptions.rs +++ b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/subscriptions.rs @@ -137,6 +137,8 @@ pub struct SubscriptionTopicRef { pub struct SubscriptionTopicRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// SubscriptionStatus defines the observed state of Subscription diff --git a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/topics.rs b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/topics.rs index 91c99a033..1724d3ac0 100644 --- a/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/topics.rs +++ b/kube-custom-resources-rs/src/sns_services_k8s_aws/v1alpha1/topics.rs @@ -112,6 +112,8 @@ pub struct TopicKmsMasterKeyRef { pub struct TopicKmsMasterKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -136,6 +138,8 @@ pub struct TopicPolicyRef { pub struct TopicPolicyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// The list of tags to be added to the specified topic. diff --git a/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1beta2/buckets.rs b/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1beta2/buckets.rs index 86302a404..dc4c7f6be 100644 --- a/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1beta2/buckets.rs +++ b/kube-custom-resources-rs/src/source_toolkit_fluxcd_io/v1beta2/buckets.rs @@ -84,6 +84,14 @@ pub struct BucketSpec { /// for the Bucket. #[serde(default, skip_serializing_if = "Option::is_none", rename = "secretRef")] pub secret_ref: Option, + /// STS specifies the required configuration to use a Security Token + /// Service for fetching temporary credentials to authenticate in a + /// Bucket provider. + /// + /// + /// This field is only supported for the `aws` provider. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sts: Option, /// Suspend tells the controller to suspend the reconciliation of this /// Bucket. #[serde(default, skip_serializing_if = "Option::is_none")] @@ -171,6 +179,33 @@ pub struct BucketSecretRef { pub name: String, } +/// STS specifies the required configuration to use a Security Token +/// Service for fetching temporary credentials to authenticate in a +/// Bucket provider. +/// +/// +/// This field is only supported for the `aws` provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub struct BucketSts { + /// Endpoint is the HTTP/S endpoint of the Security Token Service from + /// where temporary credentials will be fetched. + pub endpoint: String, + /// Provider of the Security Token Service. + pub provider: BucketStsProvider, +} + +/// STS specifies the required configuration to use a Security Token +/// Service for fetching temporary credentials to authenticate in a +/// Bucket provider. +/// +/// +/// This field is only supported for the `aws` provider. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum BucketStsProvider { + #[serde(rename = "aws")] + Aws, +} + /// BucketStatus records the observed state of a Bucket. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct BucketStatus { diff --git a/kube-custom-resources-rs/src/sqs_services_k8s_aws/v1alpha1/queues.rs b/kube-custom-resources-rs/src/sqs_services_k8s_aws/v1alpha1/queues.rs index aa76da1b0..852979bd9 100644 --- a/kube-custom-resources-rs/src/sqs_services_k8s_aws/v1alpha1/queues.rs +++ b/kube-custom-resources-rs/src/sqs_services_k8s_aws/v1alpha1/queues.rs @@ -125,6 +125,8 @@ pub struct QueueKmsMasterKeyRef { pub struct QueueKmsMasterKeyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference @@ -149,6 +151,8 @@ pub struct QueuePolicyRef { pub struct QueuePolicyRefFrom { #[serde(default, skip_serializing_if = "Option::is_none")] pub name: Option, + #[serde(default, skip_serializing_if = "Option::is_none")] + pub namespace: Option, } /// QueueStatus defines the observed state of Queue diff --git a/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/clusterresourcebindings.rs b/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/clusterresourcebindings.rs index d3b01537c..f31cbb709 100644 --- a/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/clusterresourcebindings.rs +++ b/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/clusterresourcebindings.rs @@ -84,6 +84,10 @@ pub struct ClusterResourceBindingSpec { /// It inherits directly from the associated PropagationPolicy(or ClusterPropagationPolicy). #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, + /// Suspension declares the policy for suspending different aspects of propagation. + /// nil means no suspension. no default values. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub suspension: Option, } /// TargetCluster represents the identifier of a member cluster. @@ -140,7 +144,7 @@ pub struct ClusterResourceBindingFailoverApplication { /// Valid options are "Immediately", "Graciously" and "Never". /// Defaults to "Graciously". #[serde(default, skip_serializing_if = "Option::is_none", rename = "purgeMode")] - pub purge_mode: Option, + pub purge_mode: Option, } /// DecisionConditions indicates the decision conditions of performing the failover process. @@ -157,6 +161,17 @@ pub struct ClusterResourceBindingFailoverApplicationDecisionConditions { pub toleration_seconds: Option, } +/// Application indicates failover behaviors in case of application failure. +/// If this value is nil, failover is disabled. +/// If set, the PropagateDeps should be true so that the dependencies could +/// be migrated along with the application. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ClusterResourceBindingFailoverApplicationPurgeMode { + Immediately, + Graciously, + Never, +} + /// GracefulEvictionTask represents a graceful eviction task. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterResourceBindingGracefulEvictionTasks { @@ -824,6 +839,33 @@ pub struct ClusterResourceBindingResource { pub uid: Option, } +/// Suspension declares the policy for suspending different aspects of propagation. +/// nil means no suspension. no default values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterResourceBindingSuspension { + /// Dispatching controls whether dispatching should be suspended. + /// nil means not suspend, no default value, only accepts 'true'. + /// Note: true means stop propagating to all clusters. Can not co-exist + /// with DispatchingOnClusters which is used to suspend particular clusters. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dispatching: Option, + /// DispatchingOnClusters declares a list of clusters to which the dispatching + /// should be suspended. + /// Note: Can not co-exist with Dispatching which is used to suspend all. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dispatchingOnClusters")] + pub dispatching_on_clusters: Option, +} + +/// DispatchingOnClusters declares a list of clusters to which the dispatching +/// should be suspended. +/// Note: Can not co-exist with Dispatching which is used to suspend all. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ClusterResourceBindingSuspensionDispatchingOnClusters { + /// ClusterNames is the list of clusters to be selected. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterNames")] + pub cluster_names: Option>, +} + /// Status represents the most recently observed status of the ResourceBinding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ClusterResourceBindingStatus { diff --git a/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/resourcebindings.rs b/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/resourcebindings.rs index f8b7638a9..988e95f0f 100644 --- a/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/resourcebindings.rs +++ b/kube-custom-resources-rs/src/work_karmada_io/v1alpha2/resourcebindings.rs @@ -85,6 +85,10 @@ pub struct ResourceBindingSpec { /// It inherits directly from the associated PropagationPolicy(or ClusterPropagationPolicy). #[serde(default, skip_serializing_if = "Option::is_none", rename = "schedulerName")] pub scheduler_name: Option, + /// Suspension declares the policy for suspending different aspects of propagation. + /// nil means no suspension. no default values. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub suspension: Option, } /// TargetCluster represents the identifier of a member cluster. @@ -141,7 +145,7 @@ pub struct ResourceBindingFailoverApplication { /// Valid options are "Immediately", "Graciously" and "Never". /// Defaults to "Graciously". #[serde(default, skip_serializing_if = "Option::is_none", rename = "purgeMode")] - pub purge_mode: Option, + pub purge_mode: Option, } /// DecisionConditions indicates the decision conditions of performing the failover process. @@ -158,6 +162,17 @@ pub struct ResourceBindingFailoverApplicationDecisionConditions { pub toleration_seconds: Option, } +/// Application indicates failover behaviors in case of application failure. +/// If this value is nil, failover is disabled. +/// If set, the PropagateDeps should be true so that the dependencies could +/// be migrated along with the application. +#[derive(Serialize, Deserialize, Clone, Debug, PartialEq)] +pub enum ResourceBindingFailoverApplicationPurgeMode { + Immediately, + Graciously, + Never, +} + /// GracefulEvictionTask represents a graceful eviction task. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceBindingGracefulEvictionTasks { @@ -825,6 +840,33 @@ pub struct ResourceBindingResource { pub uid: Option, } +/// Suspension declares the policy for suspending different aspects of propagation. +/// nil means no suspension. no default values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ResourceBindingSuspension { + /// Dispatching controls whether dispatching should be suspended. + /// nil means not suspend, no default value, only accepts 'true'. + /// Note: true means stop propagating to all clusters. Can not co-exist + /// with DispatchingOnClusters which is used to suspend particular clusters. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub dispatching: Option, + /// DispatchingOnClusters declares a list of clusters to which the dispatching + /// should be suspended. + /// Note: Can not co-exist with Dispatching which is used to suspend all. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "dispatchingOnClusters")] + pub dispatching_on_clusters: Option, +} + +/// DispatchingOnClusters declares a list of clusters to which the dispatching +/// should be suspended. +/// Note: Can not co-exist with Dispatching which is used to suspend all. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct ResourceBindingSuspensionDispatchingOnClusters { + /// ClusterNames is the list of clusters to be selected. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterNames")] + pub cluster_names: Option>, +} + /// Status represents the most recently observed status of the ResourceBinding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct ResourceBindingStatus { diff --git a/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs b/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs index 579c2d8ee..d6b01a9ae 100644 --- a/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs +++ b/kube-custom-resources-rs/src/workloads_kubeblocks_io/v1alpha1/instancesets.rs @@ -836,8 +836,31 @@ pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAffinityPreferredDurin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -861,6 +884,7 @@ pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAffinityPreferredDurin } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -933,8 +957,31 @@ pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAffinityPreferredDurin #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -958,6 +1005,7 @@ pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAffinityRequiredDuring } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1061,8 +1109,31 @@ pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredD #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1086,6 +1157,7 @@ pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredD } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1158,8 +1230,31 @@ pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAntiAffinityPreferredD #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -1183,6 +1278,7 @@ pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDu } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesSchedulingPolicyAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -1532,6 +1628,20 @@ pub struct InstanceSetInstancesVolumeClaimTemplatesSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -1610,17 +1720,6 @@ pub struct InstanceSetInstancesVolumeClaimTemplatesSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -1633,15 +1732,6 @@ pub struct InstanceSetInstancesVolumeClaimTemplatesSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesVolumeClaimTemplatesSpecSelector { @@ -1755,11 +1845,42 @@ pub struct InstanceSetInstancesVolumeClaimTemplatesStatus { /// resized then the Condition will be set to 'ResizeStarted'. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + /// When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + /// This is an alpha field and requires enabling VolumeAttributesClass feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentVolumeAttributesClassName")] + pub current_volume_attributes_class_name: Option, + /// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + /// When this is unset, there is no ModifyVolume operation being attempted. + /// This is an alpha field and requires enabling VolumeAttributesClass feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "modifyVolumeStatus")] + pub modify_volume_status: Option, /// phase represents the current phase of PersistentVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, } +/// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. +/// When this is unset, there is no ModifyVolume operation being attempted. +/// This is an alpha field and requires enabling VolumeAttributesClass feature. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetInstancesVolumeClaimTemplatesStatusModifyVolumeStatus { + /// status is the status of the ControllerModifyVolume operation. It can be in any of following states: + /// - Pending + /// Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as + /// the specified VolumeAttributesClass not existing. + /// - InProgress + /// InProgress indicates that the volume is being modified. + /// - Infeasible + /// Infeasible indicates that the request has been rejected as invalid by the CSI driver. To + /// resolve the error, a valid VolumeAttributesClass needs to be specified. + /// Note: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately. + pub status: String, + /// targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetVolumeAttributesClassName")] + pub target_volume_attributes_class_name: Option, +} + /// VolumeMount describes a mounting of a Volume within a container. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesVolumeMounts { @@ -2433,6 +2554,20 @@ pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -2511,17 +2646,6 @@ pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpecDataSource /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -2534,15 +2658,6 @@ pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpecResources pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -2877,6 +2992,24 @@ pub struct InstanceSetInstancesVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -2891,6 +3024,83 @@ pub struct InstanceSetInstancesVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetInstancesVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetInstancesVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetInstancesVolumesProjectedSourcesConfigMap { @@ -3810,7 +4020,7 @@ pub struct InstanceSetServiceSpecPorts { /// /// /// * Kubernetes-defined prefixed names: - /// * 'kubernetes.io/h2c' - HTTP/2 over cleartext as described in https://www.rfc-editor.org/rfc/rfc7540 + /// * 'kubernetes.io/h2c' - HTTP/2 prior knowledge over cleartext as described in https://www.rfc-editor.org/rfc/rfc9113.html#name-starting-http-2-with-prior- /// * 'kubernetes.io/ws' - WebSocket over cleartext as described in https://www.rfc-editor.org/rfc/rfc6455 /// * 'kubernetes.io/wss' - WebSocket over TLS as described in https://www.rfc-editor.org/rfc/rfc6455 /// @@ -3910,6 +4120,14 @@ pub struct InstanceSetServiceStatusLoadBalancerIngress { /// (typically GCE or OpenStack load-balancers) #[serde(default, skip_serializing_if = "Option::is_none")] pub ip: Option, + /// IPMode specifies how the load-balancer IP behaves, and may only be specified when the ip field is specified. + /// Setting this to "VIP" indicates that traffic is delivered to the node with + /// the destination set to the load-balancer's IP and port. + /// Setting this to "Proxy" indicates that traffic is delivered to the node or pod with + /// the destination set to the node's IP and node port or the pod's IP and port. + /// Service implementations may use this information to adjust traffic routing. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "ipMode")] + pub ip_mode: Option, /// Ports is a list of records of service ports /// If used, every port defined in the service should have an entry in it #[serde(default, skip_serializing_if = "Option::is_none")] @@ -4427,8 +4645,31 @@ pub struct InstanceSetTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIg #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -4452,6 +4693,7 @@ pub struct InstanceSetTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIg } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4524,8 +4766,31 @@ pub struct InstanceSetTemplateSpecAffinityPodAffinityPreferredDuringSchedulingIg #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -4549,6 +4814,7 @@ pub struct InstanceSetTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgn } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecAffinityPodAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4652,8 +4918,31 @@ pub struct InstanceSetTemplateSpecAffinityPodAntiAffinityPreferredDuringScheduli #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTerm { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -4677,6 +4966,7 @@ pub struct InstanceSetTemplateSpecAffinityPodAntiAffinityPreferredDuringScheduli } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecAffinityPodAntiAffinityPreferredDuringSchedulingIgnoredDuringExecutionPodAffinityTermLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -4749,8 +5039,31 @@ pub struct InstanceSetTemplateSpecAffinityPodAntiAffinityPreferredDuringScheduli #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecution { /// A label query over a set of resources, in this case pods. + /// If it's null, this PodAffinityTerm matches with no Pods. #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] pub label_selector: Option, + /// MatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key in (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. + /// Also, MatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabelKeys")] + pub match_label_keys: Option>, + /// MismatchLabelKeys is a set of pod label keys to select which pods will + /// be taken into consideration. The keys are used to lookup values from the + /// incoming pod labels, those key-value labels are merged with `LabelSelector` as `key notin (value)` + /// to select the group of existing pods which pods will be taken into consideration + /// for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming + /// pod labels will be ignored. The default value is empty. + /// The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. + /// Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. + /// This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "mismatchLabelKeys")] + pub mismatch_label_keys: Option>, /// A label query over the set of namespaces that the term applies to. /// The term is applied to the union of the namespaces selected by this field /// and the ones listed in the namespaces field. @@ -4774,6 +5087,7 @@ pub struct InstanceSetTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulin } /// A label query over a set of resources, in this case pods. +/// If it's null, this PodAffinityTerm matches with no Pods. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecAffinityPodAntiAffinityRequiredDuringSchedulingIgnoredDuringExecutionLabelSelector { /// matchExpressions is a list of label selector requirements. The requirements are ANDed. @@ -5175,6 +5489,9 @@ pub struct InstanceSetTemplateSpecContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -5227,6 +5544,13 @@ pub struct InstanceSetTemplateSpecContainersLifecyclePostStartHttpGetHttpHeaders pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetTemplateSpecContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -5258,6 +5582,9 @@ pub struct InstanceSetTemplateSpecContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -5310,6 +5637,13 @@ pub struct InstanceSetTemplateSpecContainersLifecyclePreStopHttpGetHttpHeaders { pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetTemplateSpecContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -6334,6 +6668,9 @@ pub struct InstanceSetTemplateSpecEphemeralContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -6386,6 +6723,13 @@ pub struct InstanceSetTemplateSpecEphemeralContainersLifecyclePostStartHttpGetHt pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetTemplateSpecEphemeralContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -6417,6 +6761,9 @@ pub struct InstanceSetTemplateSpecEphemeralContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -6469,6 +6816,13 @@ pub struct InstanceSetTemplateSpecEphemeralContainersLifecyclePreStopHttpGetHttp pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetTemplateSpecEphemeralContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -7488,6 +7842,9 @@ pub struct InstanceSetTemplateSpecInitContainersLifecyclePostStart { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -7540,6 +7897,13 @@ pub struct InstanceSetTemplateSpecInitContainersLifecyclePostStartHttpGetHttpHea pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetTemplateSpecInitContainersLifecyclePostStartSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -7571,6 +7935,9 @@ pub struct InstanceSetTemplateSpecInitContainersLifecyclePreStop { /// HTTPGet specifies the http request to perform. #[serde(default, skip_serializing_if = "Option::is_none", rename = "httpGet")] pub http_get: Option, + /// Sleep represents the duration that the container should sleep before being terminated. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub sleep: Option, /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -7623,6 +7990,13 @@ pub struct InstanceSetTemplateSpecInitContainersLifecyclePreStopHttpGetHttpHeade pub value: String, } +/// Sleep represents the duration that the container should sleep before being terminated. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetTemplateSpecInitContainersLifecyclePreStopSleep { + /// Seconds is the number of seconds to sleep. + pub seconds: i64, +} + /// Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept /// for the backward compatibility. There are no validation of this field and /// lifecycle hooks will fail in runtime when tcp handler is specified. @@ -9377,6 +9751,20 @@ pub struct InstanceSetTemplateSpecVolumesEphemeralVolumeClaimTemplateSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -9455,17 +9843,6 @@ pub struct InstanceSetTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecDataSou /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -9478,15 +9855,6 @@ pub struct InstanceSetTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecResourc pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecVolumesEphemeralVolumeClaimTemplateSpecSelector { @@ -9821,6 +10189,24 @@ pub struct InstanceSetTemplateSpecVolumesProjected { /// Projection that may be projected along with other supported volume types #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecVolumesProjectedSources { + /// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field + /// of ClusterTrustBundle objects in an auto-updating file. + /// + /// + /// Alpha, gated by the ClusterTrustBundleProjection feature gate. + /// + /// + /// ClusterTrustBundle objects can either be selected by name, or by the + /// combination of signer name and a label selector. + /// + /// + /// Kubelet performs aggressive normalization of the PEM contents written + /// into the pod filesystem. Esoteric PEM features such as inter-block + /// comments and block headers are stripped. Certificates are deduplicated. + /// The ordering of certificates within the file is arbitrary, and Kubelet + /// may change the order over time. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "clusterTrustBundle")] + pub cluster_trust_bundle: Option, /// configMap information about the configMap data to project #[serde(default, skip_serializing_if = "Option::is_none", rename = "configMap")] pub config_map: Option, @@ -9835,6 +10221,83 @@ pub struct InstanceSetTemplateSpecVolumesProjectedSources { pub service_account_token: Option, } +/// ClusterTrustBundle allows a pod to access the `.spec.trustBundle` field +/// of ClusterTrustBundle objects in an auto-updating file. +/// +/// +/// Alpha, gated by the ClusterTrustBundleProjection feature gate. +/// +/// +/// ClusterTrustBundle objects can either be selected by name, or by the +/// combination of signer name and a label selector. +/// +/// +/// Kubelet performs aggressive normalization of the PEM contents written +/// into the pod filesystem. Esoteric PEM features such as inter-block +/// comments and block headers are stripped. Certificates are deduplicated. +/// The ordering of certificates within the file is arbitrary, and Kubelet +/// may change the order over time. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetTemplateSpecVolumesProjectedSourcesClusterTrustBundle { + /// Select all ClusterTrustBundles that match this label selector. Only has + /// effect if signerName is set. Mutually-exclusive with name. If unset, + /// interpreted as "match nothing". If set but empty, interpreted as "match + /// everything". + #[serde(default, skip_serializing_if = "Option::is_none", rename = "labelSelector")] + pub label_selector: Option, + /// Select a single ClusterTrustBundle by object name. Mutually-exclusive + /// with signerName and labelSelector. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub name: Option, + /// If true, don't block pod startup if the referenced ClusterTrustBundle(s) + /// aren't available. If using name, then the named ClusterTrustBundle is + /// allowed not to exist. If using signerName, then the combination of + /// signerName and labelSelector is allowed to match zero + /// ClusterTrustBundles. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub optional: Option, + /// Relative path from the volume root to write the bundle. + pub path: String, + /// Select all ClusterTrustBundles that match this signer name. + /// Mutually-exclusive with name. The contents of all selected + /// ClusterTrustBundles will be unified and deduplicated. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "signerName")] + pub signer_name: Option, +} + +/// Select all ClusterTrustBundles that match this label selector. Only has +/// effect if signerName is set. Mutually-exclusive with name. If unset, +/// interpreted as "match nothing". If set but empty, interpreted as "match +/// everything". +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetTemplateSpecVolumesProjectedSourcesClusterTrustBundleLabelSelector { + /// matchExpressions is a list of label selector requirements. The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchExpressions")] + pub match_expressions: Option>, + /// matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels + /// map is equivalent to an element of matchExpressions, whose key field is "key", the + /// operator is "In", and the values array contains only "value". The requirements are ANDed. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "matchLabels")] + pub match_labels: Option>, +} + +/// A label selector requirement is a selector that contains values, a key, and an operator that +/// relates the key and values. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetTemplateSpecVolumesProjectedSourcesClusterTrustBundleLabelSelectorMatchExpressions { + /// key is the label key that the selector applies to. + pub key: String, + /// operator represents a key's relationship to a set of values. + /// Valid operators are In, NotIn, Exists and DoesNotExist. + pub operator: String, + /// values is an array of string values. If the operator is In or NotIn, + /// the values array must be non-empty. If the operator is Exists or DoesNotExist, + /// the values array must be empty. This array is replaced during a strategic + /// merge patch. + #[serde(default, skip_serializing_if = "Option::is_none")] + pub values: Option>, +} + /// configMap information about the configMap data to project #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetTemplateSpecVolumesProjectedSourcesConfigMap { @@ -10385,6 +10848,20 @@ pub struct InstanceSetVolumeClaimTemplatesSpec { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1 #[serde(default, skip_serializing_if = "Option::is_none", rename = "storageClassName")] pub storage_class_name: Option, + /// volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. + /// If specified, the CSI driver will create or update the volume with the attributes defined + /// in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, + /// it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass + /// will be applied to the claim but it's not allowed to reset this field to empty string once it is set. + /// If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass + /// will be set by the persistentvolume controller if it exists. + /// If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be + /// set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource + /// exists. + /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#volumeattributesclass + /// (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeAttributesClassName")] + pub volume_attributes_class_name: Option, /// volumeMode defines what type of volume is required by the claim. /// Value of Filesystem is implied when not included in claim spec. #[serde(default, skip_serializing_if = "Option::is_none", rename = "volumeMode")] @@ -10463,17 +10940,6 @@ pub struct InstanceSetVolumeClaimTemplatesSpecDataSourceRef { /// More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetVolumeClaimTemplatesSpecResources { - /// Claims lists the names of resources, defined in spec.resourceClaims, - /// that are used by this container. - /// - /// - /// This is an alpha field and requires enabling the - /// DynamicResourceAllocation feature gate. - /// - /// - /// This field is immutable. It can only be set for containers. - #[serde(default, skip_serializing_if = "Option::is_none")] - pub claims: Option>, /// Limits describes the maximum amount of compute resources allowed. /// More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ #[serde(default, skip_serializing_if = "Option::is_none")] @@ -10486,15 +10952,6 @@ pub struct InstanceSetVolumeClaimTemplatesSpecResources { pub requests: Option>, } -/// ResourceClaim references one entry in PodSpec.ResourceClaims. -#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] -pub struct InstanceSetVolumeClaimTemplatesSpecResourcesClaims { - /// Name must match the name of one entry in pod.spec.resourceClaims of - /// the Pod where this field is used. It makes that resource available - /// inside a container. - pub name: String, -} - /// selector is a label query over volumes to consider for binding. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetVolumeClaimTemplatesSpecSelector { @@ -10608,11 +11065,42 @@ pub struct InstanceSetVolumeClaimTemplatesStatus { /// resized then the Condition will be set to 'ResizeStarted'. #[serde(default, skip_serializing_if = "Option::is_none")] pub conditions: Option>, + /// currentVolumeAttributesClassName is the current name of the VolumeAttributesClass the PVC is using. + /// When unset, there is no VolumeAttributeClass applied to this PersistentVolumeClaim + /// This is an alpha field and requires enabling VolumeAttributesClass feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "currentVolumeAttributesClassName")] + pub current_volume_attributes_class_name: Option, + /// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. + /// When this is unset, there is no ModifyVolume operation being attempted. + /// This is an alpha field and requires enabling VolumeAttributesClass feature. + #[serde(default, skip_serializing_if = "Option::is_none", rename = "modifyVolumeStatus")] + pub modify_volume_status: Option, /// phase represents the current phase of PersistentVolumeClaim. #[serde(default, skip_serializing_if = "Option::is_none")] pub phase: Option, } +/// ModifyVolumeStatus represents the status object of ControllerModifyVolume operation. +/// When this is unset, there is no ModifyVolume operation being attempted. +/// This is an alpha field and requires enabling VolumeAttributesClass feature. +#[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] +pub struct InstanceSetVolumeClaimTemplatesStatusModifyVolumeStatus { + /// status is the status of the ControllerModifyVolume operation. It can be in any of following states: + /// - Pending + /// Pending indicates that the PersistentVolumeClaim cannot be modified due to unmet requirements, such as + /// the specified VolumeAttributesClass not existing. + /// - InProgress + /// InProgress indicates that the volume is being modified. + /// - Infeasible + /// Infeasible indicates that the request has been rejected as invalid by the CSI driver. To + /// resolve the error, a valid VolumeAttributesClass needs to be specified. + /// Note: New statuses can be added in the future. Consumers should check for unknown statuses and fail appropriately. + pub status: String, + /// targetVolumeAttributesClassName is the name of the VolumeAttributesClass the PVC currently being reconciled + #[serde(default, skip_serializing_if = "Option::is_none", rename = "targetVolumeAttributesClassName")] + pub target_volume_attributes_class_name: Option, +} + /// Represents the current information about the state machine. This data may be out of date. #[derive(Serialize, Deserialize, Clone, Debug, Default, PartialEq)] pub struct InstanceSetStatus {