diff --git a/docs/data-sources/anywhere_eks_amazonaws_com_tinkerbell_datacenter_config_v1alpha1_manifest.md b/docs/data-sources/anywhere_eks_amazonaws_com_tinkerbell_datacenter_config_v1alpha1_manifest.md
index e466767e9..66122aacc 100644
--- a/docs/data-sources/anywhere_eks_amazonaws_com_tinkerbell_datacenter_config_v1alpha1_manifest.md
+++ b/docs/data-sources/anywhere_eks_amazonaws_com_tinkerbell_datacenter_config_v1alpha1_manifest.md
@@ -60,5 +60,6 @@ Required:
Optional:
- `hook_images_url_path` (String) HookImagesURLPath can be used to override the default Hook images path to pull from a local server.
+- `load_balancer_interface` (String) LoadBalancerInterface can be used to configure a load balancer interface for the Tinkerbell stack.
- `os_image_url` (String) OSImageURL can be used to override the default OS image path to pull from a local server. OSImageURL is a URL to the OS image used during provisioning. To perform modular upgrades the OSImageURL must be specified on the TinkerbellMachineConfig objects. You cannot specify an OSImageURL on the TinkerbellDatacenterConfig and TinkerbellMachineConfigs simultaneously. It must include the Kubernetes version(s). For example, a URL used for Kubernetes 1.27 could be http://localhost:8080/ubuntu-2204-1.27.tgz
- `skip_load_balancer_deployment` (Boolean) SkipLoadBalancerDeployment when set to 'true' can be used to skip deploying a load balancer to expose Tinkerbell stack. Users will need to deploy and configure a load balancer manually after the cluster is created.
diff --git a/docs/data-sources/argoproj_io_argo_cd_v1alpha1_manifest.md b/docs/data-sources/argoproj_io_argo_cd_v1alpha1_manifest.md
index e01a2b765..07c3df03e 100644
--- a/docs/data-sources/argoproj_io_argo_cd_v1alpha1_manifest.md
+++ b/docs/data-sources/argoproj_io_argo_cd_v1alpha1_manifest.md
@@ -260,16 +260,25 @@ Optional:
Required:
-- `termination` (String) termination indicates termination type.
+- `termination` (String) termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions
Optional:
- `ca_certificate` (String) caCertificate provides the cert authority certificate contents
-- `certificate` (String) certificate provides certificate contents
+- `certificate` (String) certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.
- `destination_ca_certificate` (String) destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.
-- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
+- `external_certificate` (Attributes) externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set. (see [below for nested schema](#nestedatt--spec--application_set--webhook_server--route--tls--external_certificate))
+- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
- `key` (String) key provides key file contents
+
+### Nested Schema for `spec.application_set.webhook_server.route.tls.external_certificate`
+
+Optional:
+
+- `name` (String) name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+
@@ -526,16 +535,25 @@ Optional:
Required:
-- `termination` (String) termination indicates termination type.
+- `termination` (String) termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions
Optional:
- `ca_certificate` (String) caCertificate provides the cert authority certificate contents
-- `certificate` (String) certificate provides certificate contents
+- `certificate` (String) certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.
- `destination_ca_certificate` (String) destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.
-- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
+- `external_certificate` (Attributes) externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set. (see [below for nested schema](#nestedatt--spec--grafana--route--tls--external_certificate))
+- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
- `key` (String) key provides key file contents
+
+### Nested Schema for `spec.grafana.route.tls.external_certificate`
+
+Optional:
+
+- `name` (String) name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+
@@ -802,16 +820,25 @@ Optional:
Required:
-- `termination` (String) termination indicates termination type.
+- `termination` (String) termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions
Optional:
- `ca_certificate` (String) caCertificate provides the cert authority certificate contents
-- `certificate` (String) certificate provides certificate contents
+- `certificate` (String) certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.
- `destination_ca_certificate` (String) destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.
-- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
+- `external_certificate` (Attributes) externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set. (see [below for nested schema](#nestedatt--spec--prometheus--route--tls--external_certificate))
+- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
- `key` (String) key provides key file contents
+
+### Nested Schema for `spec.prometheus.route.tls.external_certificate`
+
+Optional:
+
+- `name` (String) name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+
@@ -3242,16 +3269,25 @@ Optional:
Required:
-- `termination` (String) termination indicates termination type.
+- `termination` (String) termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions
Optional:
- `ca_certificate` (String) caCertificate provides the cert authority certificate contents
-- `certificate` (String) certificate provides certificate contents
+- `certificate` (String) certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.
- `destination_ca_certificate` (String) destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.
-- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
+- `external_certificate` (Attributes) externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set. (see [below for nested schema](#nestedatt--spec--server--route--tls--external_certificate))
+- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
- `key` (String) key provides key file contents
+
+### Nested Schema for `spec.server.route.tls.external_certificate`
+
+Optional:
+
+- `name` (String) name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+
diff --git a/docs/data-sources/argoproj_io_argo_cd_v1beta1_manifest.md b/docs/data-sources/argoproj_io_argo_cd_v1beta1_manifest.md
index 6f94c5c35..61fa505b1 100644
--- a/docs/data-sources/argoproj_io_argo_cd_v1beta1_manifest.md
+++ b/docs/data-sources/argoproj_io_argo_cd_v1beta1_manifest.md
@@ -104,10 +104,12 @@ Optional:
Optional:
+- `annotations` (Map of String) Custom annotations to pods deployed by the operator
- `enabled` (Boolean) Enabled is the flag to enable the Application Set Controller during ArgoCD installation. (optional, default 'true')
- `env` (Attributes List) Env lets you specify environment for applicationSet controller pods (see [below for nested schema](#nestedatt--spec--application_set--env))
- `extra_command_args` (List of String) ExtraCommandArgs allows users to pass command line arguments to ApplicationSet controller. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraCommandArgs will not overwrite the default command line arguments.
- `image` (String) Image is the Argo CD ApplicationSet image (optional)
+- `labels` (Map of String) Custom labels to pods deployed by the operator
- `log_level` (String) LogLevel describes the log level that should be used by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug,info, error, and warn.
- `resources` (Attributes) Resources defines the Compute Resources required by the container for ApplicationSet. (see [below for nested schema](#nestedatt--spec--application_set--resources))
- `scm_providers` (List of String) SCMProviders defines the list of allowed custom SCM provider API URLs
@@ -262,16 +264,25 @@ Optional:
Required:
-- `termination` (String) termination indicates termination type.
+- `termination` (String) termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions
Optional:
- `ca_certificate` (String) caCertificate provides the cert authority certificate contents
-- `certificate` (String) certificate provides certificate contents
+- `certificate` (String) certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.
- `destination_ca_certificate` (String) destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.
-- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
+- `external_certificate` (Attributes) externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set. (see [below for nested schema](#nestedatt--spec--application_set--webhook_server--route--tls--external_certificate))
+- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
- `key` (String) key provides key file contents
+
+### Nested Schema for `spec.application_set.webhook_server.route.tls.external_certificate`
+
+Optional:
+
+- `name` (String) name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+
@@ -293,11 +304,13 @@ Optional:
Optional:
+- `annotations` (Map of String) Custom annotations to pods deployed by the operator
- `app_sync` (String) AppSync is used to control the sync frequency, by default the ArgoCD controller polls Git every 3m. Set this to a duration, e.g. 10m or 600s to control the synchronisation frequency.
- `enabled` (Boolean) Enabled is the flag to enable the Application Controller during ArgoCD installation. (optional, default 'true')
- `env` (Attributes List) Env lets you specify environment for application controller pods (see [below for nested schema](#nestedatt--spec--controller--env))
- `extra_command_args` (List of String) Extra Command arguments allows users to pass command line arguments to controller workload. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraCommandArgs will not overwrite the default command line arguments.
- `init_containers` (Attributes List) InitContainers defines the list of initialization containers for the Application Controller component. (see [below for nested schema](#nestedatt--spec--controller--init_containers))
+- `labels` (Map of String) Custom labels to pods deployed by the operator
- `log_format` (String) LogFormat refers to the log format used by the Application Controller component. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.
- `log_level` (String) LogLevel refers to the log level used by the Application Controller component. Defaults to ArgoCDDefaultLogLevel if not configured. Valid options are debug, info, error, and warn.
- `parallelism_limit` (Number) ParallelismLimit defines the limit for parallel kubectl operations
@@ -2485,16 +2498,25 @@ Optional:
Required:
-- `termination` (String) termination indicates termination type.
+- `termination` (String) termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions
Optional:
- `ca_certificate` (String) caCertificate provides the cert authority certificate contents
-- `certificate` (String) certificate provides certificate contents
+- `certificate` (String) certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.
- `destination_ca_certificate` (String) destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.
-- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
+- `external_certificate` (Attributes) externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set. (see [below for nested schema](#nestedatt--spec--grafana--route--tls--external_certificate))
+- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
- `key` (String) key provides key file contents
+
+### Nested Schema for `spec.grafana.route.tls.external_certificate`
+
+Optional:
+
+- `name` (String) name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+
@@ -2761,16 +2783,25 @@ Optional:
Required:
-- `termination` (String) termination indicates termination type.
+- `termination` (String) termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions
Optional:
- `ca_certificate` (String) caCertificate provides the cert authority certificate contents
-- `certificate` (String) certificate provides certificate contents
+- `certificate` (String) certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.
- `destination_ca_certificate` (String) destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.
-- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
+- `external_certificate` (Attributes) externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set. (see [below for nested schema](#nestedatt--spec--prometheus--route--tls--external_certificate))
+- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
- `key` (String) key provides key file contents
+
+### Nested Schema for `spec.prometheus.route.tls.external_certificate`
+
+Optional:
+
+- `name` (String) name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+
@@ -2822,6 +2853,7 @@ Required:
Optional:
+- `annotations` (Map of String) Custom annotations to pods deployed by the operator
- `autotls` (String) AutoTLS specifies the method to use for automatic TLS configuration for the repo server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config
- `enabled` (Boolean) Enabled is the flag to enable Repo Server during ArgoCD installation. (optional, default 'true')
- `env` (Attributes List) Env lets you specify environment for repo server pods (see [below for nested schema](#nestedatt--spec--repo--env))
@@ -2829,6 +2861,7 @@ Optional:
- `extra_repo_command_args` (List of String) Extra Command arguments allows users to pass command line arguments to repo server workload. They get added to default command line arguments provided by the operator. Please note that the command line arguments provided as part of ExtraRepoCommandArgs will not overwrite the default command line arguments.
- `image` (String) Image is the ArgoCD Repo Server container image.
- `init_containers` (Attributes List) InitContainers defines the list of initialization containers for the repo server deployment (see [below for nested schema](#nestedatt--spec--repo--init_containers))
+- `labels` (Map of String) Custom labels to pods deployed by the operator
- `log_format` (String) LogFormat describes the log format that should be used by the Repo Server. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.
- `log_level` (String) LogLevel describes the log level that should be used by the Repo Server. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug, info, error, and warn.
- `mountsatoken` (Boolean) MountSAToken describes whether you would like to have the Repo server mount the service account token
@@ -4982,6 +5015,7 @@ Optional:
Optional:
+- `annotations` (Map of String) Custom annotations to pods deployed by the operator
- `autoscale` (Attributes) Autoscale defines the autoscale options for the Argo CD Server component. (see [below for nested schema](#nestedatt--spec--server--autoscale))
- `enabled` (Boolean) Enabled is the flag to enable ArgoCD Server during ArgoCD installation. (optional, default 'true')
- `env` (Attributes List) Env lets you specify environment for API server pods (see [below for nested schema](#nestedatt--spec--server--env))
@@ -4991,6 +5025,7 @@ Optional:
- `ingress` (Attributes) Ingress defines the desired state for an Ingress for the Argo CD Server component. (see [below for nested schema](#nestedatt--spec--server--ingress))
- `init_containers` (Attributes List) InitContainers defines the list of initialization containers for the Argo CD Server component. (see [below for nested schema](#nestedatt--spec--server--init_containers))
- `insecure` (Boolean) Insecure toggles the insecure flag.
+- `labels` (Map of String) Custom labels to pods deployed by the operator
- `log_format` (String) LogFormat refers to the log level to be used by the ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.
- `log_level` (String) LogLevel refers to the log level to be used by the ArgoCD Server component. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug, info, error, and warn.
- `replicas` (Number) Replicas defines the number of replicas for argocd-server. Default is nil. Value should be greater than or equal to 0. Value will be ignored if Autoscaler is enabled.
@@ -5811,16 +5846,25 @@ Optional:
Required:
-- `termination` (String) termination indicates termination type.
+- `termination` (String) termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions
Optional:
- `ca_certificate` (String) caCertificate provides the cert authority certificate contents
-- `certificate` (String) certificate provides certificate contents
+- `certificate` (String) certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.
- `destination_ca_certificate` (String) destinationCACertificate provides the contents of the ca certificate of the final destination. When using reencrypt termination this file should be provided in order to have routers use it for health checks on the secure connection. If this field is not specified, the router may provide its own destination CA and perform hostname validation using the short service name (service.namespace.svc), which allows infrastructure generated certificates to automatically verify.
-- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
+- `external_certificate` (Attributes) externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set. (see [below for nested schema](#nestedatt--spec--server--route--tls--external_certificate))
+- `insecure_edge_termination_policy` (String) insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.
- `key` (String) key provides key file contents
+
+### Nested Schema for `spec.server.route.tls.external_certificate`
+
+Optional:
+
+- `name` (String) name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+
diff --git a/docs/data-sources/camel_apache_org_integration_profile_v1_manifest.md b/docs/data-sources/camel_apache_org_integration_profile_v1_manifest.md
index db9597139..d22c9d348 100644
--- a/docs/data-sources/camel_apache_org_integration_profile_v1_manifest.md
+++ b/docs/data-sources/camel_apache_org_integration_profile_v1_manifest.md
@@ -3,12 +3,12 @@
page_title: "k8s_camel_apache_org_integration_profile_v1_manifest Data Source - terraform-provider-k8s"
subcategory: "camel.apache.org"
description: |-
- IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior. It defines the behavior of all Custom Resources ('IntegrationKit', 'Integration', 'Kamelet') in the given namespace.
+ IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior. It defines the behavior of all Custom Resources ('IntegrationKit', 'Integration', 'Kamelet') in the given namespace. Deprecated: may be removed in future releases. Make use of IntegrationPlatform instead.
---
# k8s_camel_apache_org_integration_profile_v1_manifest (Data Source)
-IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior. It defines the behavior of all Custom Resources ('IntegrationKit', 'Integration', 'Kamelet') in the given namespace.
+IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior. It defines the behavior of all Custom Resources ('IntegrationKit', 'Integration', 'Kamelet') in the given namespace. Deprecated: may be removed in future releases. Make use of IntegrationPlatform instead.
## Example Usage
diff --git a/docs/data-sources/ceph_rook_io_ceph_cluster_v1_manifest.md b/docs/data-sources/ceph_rook_io_ceph_cluster_v1_manifest.md
index ad28a7f2e..4986d182c 100644
--- a/docs/data-sources/ceph_rook_io_ceph_cluster_v1_manifest.md
+++ b/docs/data-sources/ceph_rook_io_ceph_cluster_v1_manifest.md
@@ -824,7 +824,7 @@ Optional:
- `ip_family` (String) IPFamily is the single stack IPv6 or IPv4 protocol
- `multi_cluster_service` (Attributes) Enable multiClusterService to export the Services between peer clusters (see [below for nested schema](#nestedatt--spec--network--multi_cluster_service))
- `provider` (String) Provider is what provides network connectivity to the cluster e.g. 'host' or 'multus'. If the Provider is updated from being empty to 'host' on a running cluster, then the operator will automatically fail over all the mons to apply the 'host' network settings.
-- `selectors` (Map of String) Selectors define NetworkAttachmentDefinitions to be used for Ceph public and/or cluster networks when the 'multus' network provider is used. This config section is not used for other network providers. Valid keys are 'public' and 'cluster'. Refer to Ceph networking documentation for more: https://docs.ceph.com/en/reef/rados/configuration/network-config-ref/ Refer to Multus network annotation documentation for help selecting values: https://github.com/k8snetworkplumbingwg/multus-cni/blob/master/docs/how-to-use.md#run-pod-with-network-annotation Rook will make a best-effort attempt to automatically detect CIDR address ranges for given network attachment definitions. Rook's methods are robust but may be imprecise for sufficiently complicated networks. Rook's auto-detection process obtains a new IP address lease for each CephCluster reconcile. If Rook fails to detect, incorrectly detects, only partially detects, or if underlying networks do not support reusing old IP addresses, it is best to use the 'addressRanges' config section to specify CIDR ranges for the Ceph cluster. As a contrived example, one can use a theoretical Kubernetes-wide network for Ceph client traffic and a theoretical Rook-only network for Ceph replication traffic as shown: selectors: public: 'default/cluster-fast-net' cluster: 'rook-ceph/ceph-backend-net'
+- `selectors` (Map of String) Selectors define NetworkAttachmentDefinitions to be used for Ceph public and/or cluster networks when the 'multus' network provider is used. This config section is not used for other network providers. Valid keys are 'public' and 'cluster'. Refer to Ceph networking documentation for more: https://docs.ceph.com/en/latest/rados/configuration/network-config-ref/ Refer to Multus network annotation documentation for help selecting values: https://github.com/k8snetworkplumbingwg/multus-cni/blob/master/docs/how-to-use.md#run-pod-with-network-annotation Rook will make a best-effort attempt to automatically detect CIDR address ranges for given network attachment definitions. Rook's methods are robust but may be imprecise for sufficiently complicated networks. Rook's auto-detection process obtains a new IP address lease for each CephCluster reconcile. If Rook fails to detect, incorrectly detects, only partially detects, or if underlying networks do not support reusing old IP addresses, it is best to use the 'addressRanges' config section to specify CIDR ranges for the Ceph cluster. As a contrived example, one can use a theoretical Kubernetes-wide network for Ceph client traffic and a theoretical Rook-only network for Ceph replication traffic as shown: selectors: public: 'default/cluster-fast-net' cluster: 'rook-ceph/ceph-backend-net'
### Nested Schema for `spec.network.address_ranges`
diff --git a/docs/data-sources/ceph_rook_io_ceph_object_store_user_v1_manifest.md b/docs/data-sources/ceph_rook_io_ceph_object_store_user_v1_manifest.md
index 7e6989d5a..1526c10f0 100644
--- a/docs/data-sources/ceph_rook_io_ceph_object_store_user_v1_manifest.md
+++ b/docs/data-sources/ceph_rook_io_ceph_object_store_user_v1_manifest.md
@@ -64,7 +64,7 @@ Optional:
Optional:
-- `amz_cache` (String) Add capabilities for user to send request to RGW Cache API header. Documented in https://docs.ceph.com/en/quincy/radosgw/rgw-cache/#cache-api
+- `amz_cache` (String) Add capabilities for user to send request to RGW Cache API header. Documented in https://docs.ceph.com/en/latest/radosgw/rgw-cache/#cache-api
- `bilog` (String) Add capabilities for user to change bucket index logging. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
- `bucket` (String) Admin capabilities to read/write Ceph object store buckets. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
- `buckets` (String) Admin capabilities to read/write Ceph object store buckets. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
diff --git a/docs/data-sources/ceph_rook_io_ceph_object_store_v1_manifest.md b/docs/data-sources/ceph_rook_io_ceph_object_store_v1_manifest.md
index 9a18f3a11..7794d3769 100644
--- a/docs/data-sources/ceph_rook_io_ceph_object_store_v1_manifest.md
+++ b/docs/data-sources/ceph_rook_io_ceph_object_store_v1_manifest.md
@@ -1149,7 +1149,7 @@ Optional:
Optional:
- `advertise_endpoint` (Attributes) AdvertiseEndpoint is the default endpoint Rook will return for resources dependent on this object store. This endpoint will be returned to CephObjectStoreUsers, Object Bucket Claims, and COSI Buckets/Accesses. By default, Rook returns the endpoint for the object store's Kubernetes service using HTTPS with 'gateway.securePort' if it is defined (otherwise, HTTP with 'gateway.port'). (see [below for nested schema](#nestedatt--spec--hosting--advertise_endpoint))
-- `dns_names` (List of String) A list of DNS host names on which object store gateways will accept client S3 connections. When specified, object store gateways will reject client S3 connections to hostnames that are not present in this list, so include all endpoints. The object store's advertiseEndpoint and Kubernetes service endpoint, plus CephObjectZone 'customEndpoints' are automatically added to the list but may be set here again if desired. Each DNS name must be valid according RFC-1123. If the DNS name corresponds to an endpoint with DNS wildcard support, do not include the wildcard itself in the list of hostnames. E.g., use 'mystore.example.com' instead of '*.mystore.example.com'. The feature is supported only for Ceph v18 and later versions.
+- `dns_names` (List of String) A list of DNS host names on which object store gateways will accept client S3 connections. When specified, object store gateways will reject client S3 connections to hostnames that are not present in this list, so include all endpoints. The object store's advertiseEndpoint and Kubernetes service endpoint, plus CephObjectZone 'customEndpoints' are automatically added to the list but may be set here again if desired. Each DNS name must be valid according RFC-1123. If the DNS name corresponds to an endpoint with DNS wildcard support, do not include the wildcard itself in the list of hostnames. E.g., use 'mystore.example.com' instead of '*.mystore.example.com'.
### Nested Schema for `spec.hosting.advertise_endpoint`
diff --git a/docs/data-sources/ceph_rook_io_ceph_object_zone_v1_manifest.md b/docs/data-sources/ceph_rook_io_ceph_object_zone_v1_manifest.md
index e9db62120..23c25a5c6 100644
--- a/docs/data-sources/ceph_rook_io_ceph_object_zone_v1_manifest.md
+++ b/docs/data-sources/ceph_rook_io_ceph_object_zone_v1_manifest.md
@@ -57,13 +57,13 @@ Optional:
Required:
-- `data_pool` (Attributes) The data pool settings (see [below for nested schema](#nestedatt--spec--data_pool))
-- `metadata_pool` (Attributes) The metadata pool settings (see [below for nested schema](#nestedatt--spec--metadata_pool))
- `zone_group` (String) The display name for the ceph users
Optional:
- `custom_endpoints` (List of String) If this zone cannot be accessed from other peer Ceph clusters via the ClusterIP Service endpoint created by Rook, you must set this to the externally reachable endpoint(s). You may include the port in the definition. For example: 'https://my-object-store.my-domain.net:443'. In many cases, you should set this to the endpoint of the ingress resource that makes the CephObjectStore associated with this CephObjectStoreZone reachable to peer clusters. The list can have one or more endpoints pointing to different RGW servers in the zone. If a CephObjectStore endpoint is omitted from this list, that object store's gateways will not receive multisite replication data (see CephObjectStore.spec.gateway.disableMultisiteSyncTraffic).
+- `data_pool` (Attributes) The data pool settings (see [below for nested schema](#nestedatt--spec--data_pool))
+- `metadata_pool` (Attributes) The metadata pool settings (see [below for nested schema](#nestedatt--spec--metadata_pool))
- `preserve_pools_on_delete` (Boolean) Preserve pools on object zone deletion
- `shared_pools` (Attributes) The pool information when configuring RADOS namespaces in existing pools. (see [below for nested schema](#nestedatt--spec--shared_pools))
diff --git a/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha1_manifest.md b/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha1_manifest.md
index 3c2121c04..7f3c60b3f 100644
--- a/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha1_manifest.md
+++ b/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha1_manifest.md
@@ -53,6 +53,7 @@ Optional:
- `catch` (Attributes List) Catch defines what the tests steps will execute when an error happens. This will be combined with catch handlers defined at the test and step levels. (see [below for nested schema](#nestedatt--spec--catch))
- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--clusters))
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `delay_before_cleanup` (String) DelayBeforeCleanup adds a delay between the time a test ends and the time cleanup starts.
- `deletion_propagation_policy` (String) DeletionPropagationPolicy decides if a deletion will propagate to the dependents of the object, and how the garbage collector will handle the propagation.
- `exclude_test_regex` (String) ExcludeTestRegex is used to exclude tests based on a regular expression.
@@ -62,6 +63,7 @@ Optional:
- `include_test_regex` (String) IncludeTestRegex is used to include tests based on a regular expression.
- `namespace` (String) Namespace defines the namespace to use for tests. If not specified, every test will execute in a random ephemeral namespace unless the namespace is overridden in a the test spec.
- `namespace_template` (Map of String) NamespaceTemplate defines a template to create the test namespace.
+- `namespace_template_compiler` (String) NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.
- `parallel` (Number) The maximum number of tests to run at once.
- `repeat_count` (Number) RepeatCount indicates how many times the tests should be executed.
- `report_format` (String) ReportFormat determines test report format (JSON|XML|JUNIT-TEST|JUNIT-STEP|JUNIT-OPERATION|nil) nil == no report. maps to report.Type, however we don't want generated.deepcopy to have reference to it.
@@ -78,6 +80,7 @@ Optional:
Optional:
- `command` (Attributes) Command defines a command to run. (see [below for nested schema](#nestedatt--spec--catch--command))
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `delete` (Attributes) Delete represents a deletion operation. (see [below for nested schema](#nestedatt--spec--catch--delete))
- `describe` (Attributes) Describe determines the resource describe collector to execute. (see [below for nested schema](#nestedatt--spec--catch--describe))
- `description` (String) Description contains a description of the operation.
@@ -116,6 +119,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.catch.command.clusters`
@@ -137,6 +144,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.catch.command.outputs`
@@ -148,6 +159,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -175,6 +187,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.catch.delete.clusters`
@@ -355,6 +371,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.catch.script.clusters`
@@ -376,6 +396,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.catch.script.outputs`
@@ -387,6 +411,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
diff --git a/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha2_manifest.md b/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha2_manifest.md
index 9b83272c8..63fd04805 100644
--- a/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha2_manifest.md
+++ b/docs/data-sources/chainsaw_kyverno_io_configuration_v1alpha2_manifest.md
@@ -115,6 +115,7 @@ Optional:
Optional:
- `command` (Attributes) Command defines a command to run. (see [below for nested schema](#nestedatt--spec--error--catch--command))
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `delete` (Attributes) Delete represents a deletion operation. (see [below for nested schema](#nestedatt--spec--error--catch--delete))
- `describe` (Attributes) Describe determines the resource describe collector to execute. (see [below for nested schema](#nestedatt--spec--error--catch--describe))
- `description` (String) Description contains a description of the operation.
@@ -153,6 +154,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.error.catch.command.clusters`
@@ -174,6 +179,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.error.catch.command.outputs`
@@ -185,6 +194,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -212,6 +222,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.error.catch.delete.clusters`
@@ -392,6 +406,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.error.catch.script.clusters`
@@ -413,6 +431,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.error.catch.script.outputs`
@@ -424,6 +446,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -520,6 +543,7 @@ Optional:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `name` (String) Name defines the namespace to use for tests. If not specified, every test will execute in a random ephemeral namespace unless the namespace is overridden in a the test spec.
- `template` (Map of String) Template defines a template to create the test namespace.
@@ -539,6 +563,7 @@ Optional:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `enabled` (Boolean) Enabled determines whether resources should be considered for templating.
diff --git a/docs/data-sources/chainsaw_kyverno_io_test_v1alpha1_manifest.md b/docs/data-sources/chainsaw_kyverno_io_test_v1alpha1_manifest.md
index d368ae617..918c1eb85 100644
--- a/docs/data-sources/chainsaw_kyverno_io_test_v1alpha1_manifest.md
+++ b/docs/data-sources/chainsaw_kyverno_io_test_v1alpha1_manifest.md
@@ -61,6 +61,7 @@ Optional:
- `catch` (Attributes List) Catch defines what the steps will execute when an error happens. This will be combined with catch handlers defined at the step level. (see [below for nested schema](#nestedatt--spec--catch))
- `cluster` (String) Cluster defines the target cluster (will be inherited if not specified).
- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--clusters))
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `concurrent` (Boolean) Concurrent determines whether the test should run concurrently with other tests.
- `delay_before_cleanup` (String) DelayBeforeCleanup adds a delay between the time a test ends and the time cleanup starts.
- `deletion_propagation_policy` (String) DeletionPropagationPolicy decides if a deletion will propagate to the dependents of the object, and how the garbage collector will handle the propagation. Overrides the deletion propagation policy set in the Configuration.
@@ -69,6 +70,7 @@ Optional:
- `force_termination_grace_period` (String) ForceTerminationGracePeriod forces the termination grace period on pods, statefulsets, daemonsets and deployments.
- `namespace` (String) Namespace determines whether the test should run in a random ephemeral namespace or not.
- `namespace_template` (Map of String) NamespaceTemplate defines a template to create the test namespace.
+- `namespace_template_compiler` (String) NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.
- `scenarios` (Attributes List) Scenarios defines test scenarios. (see [below for nested schema](#nestedatt--spec--scenarios))
- `skip` (Boolean) Skip determines whether the test should skipped.
- `skip_delete` (Boolean) SkipDelete determines whether the resources created by the test should be deleted after the test is executed.
@@ -85,6 +87,7 @@ Optional:
- `cleanup` (Attributes List) Cleanup defines what will be executed after the test is terminated. (see [below for nested schema](#nestedatt--spec--steps--cleanup))
- `cluster` (String) Cluster defines the target cluster (will be inherited if not specified).
- `clusters` (Attributes) Clusters holds a registry to clusters to support multi-cluster tests. (see [below for nested schema](#nestedatt--spec--steps--clusters))
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `deletion_propagation_policy` (String) DeletionPropagationPolicy decides if a deletion will propagate to the dependents of the object, and how the garbage collector will handle the propagation. Overrides the deletion propagation policy set in both the Configuration and the Test.
- `description` (String) Description contains a description of the test step.
- `finally` (Attributes List) Finally defines what the step will execute after the step is terminated. (see [below for nested schema](#nestedatt--spec--steps--finally))
@@ -103,6 +106,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.catch`
@@ -110,6 +117,7 @@ Required:
Optional:
- `command` (Attributes) Command defines a command to run. (see [below for nested schema](#nestedatt--spec--steps--catch--command))
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `delete` (Attributes) Delete represents a deletion operation. (see [below for nested schema](#nestedatt--spec--steps--catch--delete))
- `describe` (Attributes) Describe determines the resource describe collector to execute. (see [below for nested schema](#nestedatt--spec--steps--catch--describe))
- `description` (String) Description contains a description of the operation.
@@ -148,6 +156,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.catch.command.clusters`
@@ -169,6 +181,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.catch.command.outputs`
@@ -180,6 +196,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -207,6 +224,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.catch.delete.clusters`
@@ -387,6 +408,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.catch.script.clusters`
@@ -408,6 +433,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.catch.script.outputs`
@@ -419,6 +448,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -504,6 +534,7 @@ Optional:
Optional:
- `command` (Attributes) Command defines a command to run. (see [below for nested schema](#nestedatt--spec--steps--cleanup--command))
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `delete` (Attributes) Delete represents a deletion operation. (see [below for nested schema](#nestedatt--spec--steps--cleanup--delete))
- `describe` (Attributes) Describe determines the resource describe collector to execute. (see [below for nested schema](#nestedatt--spec--steps--cleanup--describe))
- `description` (String) Description contains a description of the operation.
@@ -542,6 +573,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.cleanup.command.clusters`
@@ -563,6 +598,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.cleanup.command.outputs`
@@ -574,6 +613,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -601,6 +641,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.cleanup.delete.clusters`
@@ -781,6 +825,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.cleanup.script.clusters`
@@ -802,6 +850,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.cleanup.script.outputs`
@@ -813,6 +865,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -910,6 +963,7 @@ Optional:
Optional:
- `command` (Attributes) Command defines a command to run. (see [below for nested schema](#nestedatt--spec--steps--finally--command))
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `delete` (Attributes) Delete represents a deletion operation. (see [below for nested schema](#nestedatt--spec--steps--finally--delete))
- `describe` (Attributes) Describe determines the resource describe collector to execute. (see [below for nested schema](#nestedatt--spec--steps--finally--describe))
- `description` (String) Description contains a description of the operation.
@@ -948,6 +1002,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.finally.command.clusters`
@@ -969,6 +1027,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.finally.command.outputs`
@@ -980,6 +1042,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -1007,6 +1070,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.finally.delete.clusters`
@@ -1187,6 +1254,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.finally.script.clusters`
@@ -1208,6 +1279,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.finally.script.outputs`
@@ -1219,6 +1294,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -1319,6 +1395,7 @@ Optional:
- `apply` (Attributes) Apply represents resources that should be applied for this test step. This can include things like configuration settings or any other resources that need to be available during the test. (see [below for nested schema](#nestedatt--spec--steps--try--apply))
- `assert` (Attributes) Assert represents an assertion to be made. It checks whether the conditions specified in the assertion hold true. (see [below for nested schema](#nestedatt--spec--steps--try--assert))
- `command` (Attributes) Command defines a command to run. (see [below for nested schema](#nestedatt--spec--steps--try--command))
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `continue_on_error` (Boolean) ContinueOnError determines whether a test should continue or not in case the operation was not successful. Even if the test continues executing, it will still be reported as failed.
- `create` (Attributes) Create represents a creation operation. (see [below for nested schema](#nestedatt--spec--steps--try--create))
- `delete` (Attributes) Delete represents a deletion operation. (see [below for nested schema](#nestedatt--spec--steps--try--delete))
@@ -1359,6 +1436,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.try.apply.clusters`
@@ -1394,6 +1475,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -1419,6 +1501,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.try.assert.clusters`
@@ -1461,6 +1547,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.try.command.clusters`
@@ -1482,6 +1572,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.try.command.outputs`
@@ -1493,6 +1587,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -1521,6 +1616,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.try.create.clusters`
@@ -1556,6 +1655,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -1583,6 +1683,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.try.delete.clusters`
@@ -1676,6 +1780,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.try.error.clusters`
@@ -1771,6 +1879,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.try.patch.clusters`
@@ -1806,6 +1918,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -1878,6 +1991,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -1906,6 +2020,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.try.script.clusters`
@@ -1927,6 +2045,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.try.script.outputs`
@@ -1938,6 +2060,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -1974,6 +2097,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.steps.try.update.clusters`
@@ -2009,6 +2136,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -2106,6 +2234,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
@@ -2118,6 +2250,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.catch`
@@ -2125,6 +2261,7 @@ Required:
Optional:
- `command` (Attributes) Command defines a command to run. (see [below for nested schema](#nestedatt--spec--catch--command))
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `delete` (Attributes) Delete represents a deletion operation. (see [below for nested schema](#nestedatt--spec--catch--delete))
- `describe` (Attributes) Describe determines the resource describe collector to execute. (see [below for nested schema](#nestedatt--spec--catch--describe))
- `description` (String) Description contains a description of the operation.
@@ -2163,6 +2300,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.catch.command.clusters`
@@ -2184,6 +2325,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.catch.command.outputs`
@@ -2195,6 +2340,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -2222,6 +2368,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.catch.delete.clusters`
@@ -2402,6 +2552,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.catch.script.clusters`
@@ -2423,6 +2577,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
### Nested Schema for `spec.catch.script.outputs`
@@ -2434,6 +2592,7 @@ Required:
Optional:
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
- `match` (Map of String) Match defines the matching statement.
@@ -2540,6 +2699,10 @@ Required:
- `name` (String) Name the name of the binding.
- `value` (Map of String) Value value of the binding.
+Optional:
+
+- `compiler` (String) Compiler defines the default compiler to use when evaluating expressions.
+
diff --git a/docs/data-sources/cilium_io_cilium_node_v2_manifest.md b/docs/data-sources/cilium_io_cilium_node_v2_manifest.md
index a0a745410..11661421e 100644
--- a/docs/data-sources/cilium_io_cilium_node_v2_manifest.md
+++ b/docs/data-sources/cilium_io_cilium_node_v2_manifest.md
@@ -158,6 +158,7 @@ Optional:
- `pool` (Attributes) Pool is the list of IPv4 addresses available to the node for allocation. When an IPv4 address is used, it will remain on this list but will be added to Status.IPAM.Used (see [below for nested schema](#nestedatt--spec--ipam--pool))
- `pools` (Attributes) Pools contains the list of assigned IPAM pools for this node. (see [below for nested schema](#nestedatt--spec--ipam--pools))
- `pre_allocate` (Number) PreAllocate defines the number of IP addresses that must be available for allocation in the IPAMspec. It defines the buffer of addresses available immediately without requiring cilium-operator to get involved.
+- `static_ip_tags` (Map of String) StaticIPTags are used to determine the pool of IPs from which to attribute a static IP to the node. For example in AWS this is used to filter Elastic IP Addresses.
### Nested Schema for `spec.ipam.ipv6_pool`
diff --git a/docs/data-sources/cluster_x_k8s_io_cluster_class_v1beta1_manifest.md b/docs/data-sources/cluster_x_k8s_io_cluster_class_v1beta1_manifest.md
index c916e8365..a273c9d46 100644
--- a/docs/data-sources/cluster_x_k8s_io_cluster_class_v1beta1_manifest.md
+++ b/docs/data-sources/cluster_x_k8s_io_cluster_class_v1beta1_manifest.md
@@ -315,6 +315,8 @@ Required:
Optional:
- `additional_properties` (Map of String) AdditionalProperties specifies the schema of values in a map (keys are always strings). NOTE: Can only be set if type is object. NOTE: AdditionalProperties is mutually exclusive with Properties. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.
+- `all_of` (Map of String) AllOf specifies that the variable must validate against all of the subschemas in the array. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.
+- `any_of` (Map of String) AnyOf specifies that the variable must validate against one or more of the subschemas in the array. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.
- `default` (Map of String) Default is the default value of the variable. NOTE: Can be set for all types.
- `description` (String) Description is a human-readable description of this variable.
- `enum` (List of String) Enum is the list of valid values of the variable. NOTE: Can be set for all types.
@@ -331,10 +333,13 @@ Optional:
- `min_length` (Number) MinLength is the min length of a string variable. NOTE: Can only be set if type is string.
- `min_properties` (Number) MinProperties is the minimum amount of entries in a map or properties in an object. NOTE: Can only be set if type is object.
- `minimum` (Number) Minimum is the minimum of an integer or number variable. If ExclusiveMinimum is false, the variable is valid if it is greater than, or equal to, the value of Minimum. If ExclusiveMinimum is true, the variable is valid if it is strictly greater than the value of Minimum. NOTE: Can only be set if type is integer or number.
+- `not` (Map of String) Not specifies that the variable must not validate against the subschema. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.
+- `one_of` (Map of String) OneOf specifies that the variable must validate against exactly one of the subschemas in the array. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.
- `pattern` (String) Pattern is the regex which a string variable must match. NOTE: Can only be set if type is string.
- `properties` (Map of String) Properties specifies fields of an object. NOTE: Can only be set if type is object. NOTE: Properties is mutually exclusive with AdditionalProperties. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.
- `required` (List of String) Required specifies which fields of an object are required. NOTE: Can only be set if type is object.
- `unique_items` (Boolean) UniqueItems specifies if items in an array must be unique. NOTE: Can only be set if type is array.
+- `x_kubernetes_int_or_string` (Boolean) x-kubernetes-int-or-string specifies that this value is either an integer or a string. If this is true, an empty type is allowed and type as child of anyOf is permitted if following one of the following patterns: 1) anyOf: - type: integer - type: string 2) allOf: - anyOf: - type: integer - type: string - ... zero or more
- `x_kubernetes_preserve_unknown_fields` (Boolean) XPreserveUnknownFields allows setting fields in a variable object which are not defined in the variable schema. This affects fields recursively, except if nested properties or additionalProperties are specified in the schema.
- `x_kubernetes_validations` (Attributes List) XValidations describes a list of validation rules written in the CEL expression language. (see [below for nested schema](#nestedatt--spec--variables--schema--open_apiv3_schema--x_kubernetes_validations))
- `x_metadata` (Attributes) XMetadata is the metadata of a variable or a nested field within a variable. It can be used to add additional data for higher level tools. (see [below for nested schema](#nestedatt--spec--variables--schema--open_apiv3_schema--x_metadata))
diff --git a/docs/data-sources/cluster_x_k8s_io_cluster_v1beta1_manifest.md b/docs/data-sources/cluster_x_k8s_io_cluster_v1beta1_manifest.md
index f77c55500..01034beee 100644
--- a/docs/data-sources/cluster_x_k8s_io_cluster_v1beta1_manifest.md
+++ b/docs/data-sources/cluster_x_k8s_io_cluster_v1beta1_manifest.md
@@ -55,6 +55,7 @@ Optional:
Optional:
+- `availability_gates` (Attributes List) availabilityGates specifies additional conditions to include when evaluating Cluster Available condition. NOTE: this field is considered only for computing v1beta2 conditions. (see [below for nested schema](#nestedatt--spec--availability_gates))
- `cluster_network` (Attributes) Cluster network configuration. (see [below for nested schema](#nestedatt--spec--cluster_network))
- `control_plane_endpoint` (Attributes) ControlPlaneEndpoint represents the endpoint used to communicate with the control plane. (see [below for nested schema](#nestedatt--spec--control_plane_endpoint))
- `control_plane_ref` (Attributes) ControlPlaneRef is an optional reference to a provider-specific resource that holds the details for provisioning the Control Plane for a Cluster. (see [below for nested schema](#nestedatt--spec--control_plane_ref))
@@ -62,6 +63,14 @@ Optional:
- `paused` (Boolean) Paused can be used to prevent controllers from processing the Cluster and all its associated objects.
- `topology` (Attributes) This encapsulates the topology for the cluster. NOTE: It is required to enable the ClusterTopology feature gate flag to activate managed topologies support; this feature is highly experimental, and parts of it might still be not implemented. (see [below for nested schema](#nestedatt--spec--topology))
+
+### Nested Schema for `spec.availability_gates`
+
+Required:
+
+- `condition_type` (String) conditionType refers to a positive polarity condition (status true means good) with matching type in the Cluster's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as availability gates.
+
+
### Nested Schema for `spec.cluster_network`
diff --git a/docs/data-sources/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.md b/docs/data-sources/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.md
index a590eb450..342956f56 100644
--- a/docs/data-sources/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.md
+++ b/docs/data-sources/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.md
@@ -124,6 +124,7 @@ Optional:
- `node_drain_timeout` (String) NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from 'kubectl drain --timeout'
- `node_volume_detach_timeout` (String) NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations.
- `provider_id` (String) ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider.
+- `readiness_gates` (Attributes List) readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions. (see [below for nested schema](#nestedatt--spec--template--spec--readiness_gates))
- `version` (String) Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.
@@ -163,6 +164,14 @@ Optional:
- `uid` (String) UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+
+### Nested Schema for `spec.template.spec.readiness_gates`
+
+Required:
+
+- `condition_type` (String) conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.
+
+
diff --git a/docs/data-sources/cluster_x_k8s_io_machine_pool_v1beta1_manifest.md b/docs/data-sources/cluster_x_k8s_io_machine_pool_v1beta1_manifest.md
index c4dbf1b8a..1c7d46bcf 100644
--- a/docs/data-sources/cluster_x_k8s_io_machine_pool_v1beta1_manifest.md
+++ b/docs/data-sources/cluster_x_k8s_io_machine_pool_v1beta1_manifest.md
@@ -98,6 +98,7 @@ Optional:
- `node_drain_timeout` (String) NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from 'kubectl drain --timeout'
- `node_volume_detach_timeout` (String) NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations.
- `provider_id` (String) ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider.
+- `readiness_gates` (Attributes List) readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions. (see [below for nested schema](#nestedatt--spec--template--spec--readiness_gates))
- `version` (String) Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.
@@ -135,3 +136,11 @@ Optional:
- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
- `resource_version` (String) Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
- `uid` (String) UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+
+
+
+### Nested Schema for `spec.template.spec.readiness_gates`
+
+Required:
+
+- `condition_type` (String) conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.
diff --git a/docs/data-sources/cluster_x_k8s_io_machine_set_v1beta1_manifest.md b/docs/data-sources/cluster_x_k8s_io_machine_set_v1beta1_manifest.md
index 2242452a0..292aca311 100644
--- a/docs/data-sources/cluster_x_k8s_io_machine_set_v1beta1_manifest.md
+++ b/docs/data-sources/cluster_x_k8s_io_machine_set_v1beta1_manifest.md
@@ -120,6 +120,7 @@ Optional:
- `node_drain_timeout` (String) NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from 'kubectl drain --timeout'
- `node_volume_detach_timeout` (String) NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations.
- `provider_id` (String) ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider.
+- `readiness_gates` (Attributes List) readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions. (see [below for nested schema](#nestedatt--spec--template--spec--readiness_gates))
- `version` (String) Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.
@@ -157,3 +158,11 @@ Optional:
- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
- `resource_version` (String) Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
- `uid` (String) UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+
+
+
+### Nested Schema for `spec.template.spec.readiness_gates`
+
+Required:
+
+- `condition_type` (String) conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.
diff --git a/docs/data-sources/cluster_x_k8s_io_machine_v1beta1_manifest.md b/docs/data-sources/cluster_x_k8s_io_machine_v1beta1_manifest.md
index acfa75038..cb70d6154 100644
--- a/docs/data-sources/cluster_x_k8s_io_machine_v1beta1_manifest.md
+++ b/docs/data-sources/cluster_x_k8s_io_machine_v1beta1_manifest.md
@@ -66,6 +66,7 @@ Optional:
- `node_drain_timeout` (String) NodeDrainTimeout is the total amount of time that the controller will spend on draining a node. The default value is 0, meaning that the node can be drained without any time limitations. NOTE: NodeDrainTimeout is different from 'kubectl drain --timeout'
- `node_volume_detach_timeout` (String) NodeVolumeDetachTimeout is the total amount of time that the controller will spend on waiting for all volumes to be detached. The default value is 0, meaning that the volumes can be detached without any time limitations.
- `provider_id` (String) ProviderID is the identification ID of the machine provided by the provider. This field must match the provider ID as seen on the node object corresponding to this machine. This field is required by higher level consumers of cluster-api. Example use case is cluster autoscaler with cluster-api as provider. Clean-up logic in the autoscaler compares machines to nodes to find out machines at provider which could not get registered as Kubernetes nodes. With cluster-api as a generic out-of-tree provider for autoscaler, this field is required by autoscaler to be able to have a provider view of the list of machines. Another list of nodes is queried from the k8s apiserver and then a comparison is done to find out unregistered machines and are marked for delete. This field will be set by the actuators and consumed by higher level entities like autoscaler that will be interfacing with cluster-api as generic provider.
+- `readiness_gates` (Attributes List) readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions. (see [below for nested schema](#nestedatt--spec--readiness_gates))
- `version` (String) Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.
@@ -103,3 +104,11 @@ Optional:
- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
- `resource_version` (String) Specific resourceVersion to which this reference is made, if any. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#concurrency-control-and-consistency
- `uid` (String) UID of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#uids
+
+
+
+### Nested Schema for `spec.readiness_gates`
+
+Required:
+
+- `condition_type` (String) conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.
diff --git a/docs/data-sources/confidentialcontainers_org_cc_runtime_v1beta1_manifest.md b/docs/data-sources/confidentialcontainers_org_cc_runtime_v1beta1_manifest.md
index 992e29689..85f6e0620 100644
--- a/docs/data-sources/confidentialcontainers_org_cc_runtime_v1beta1_manifest.md
+++ b/docs/data-sources/confidentialcontainers_org_cc_runtime_v1beta1_manifest.md
@@ -122,7 +122,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -160,7 +160,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -171,7 +171,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -184,8 +184,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -215,7 +216,7 @@ Optional:
- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--config--installer_volumes--gce_persistent_disk))
- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--git_repo))
- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--config--installer_volumes--glusterfs))
-- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--host_path))
+- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath (see [below for nested schema](#nestedatt--spec--config--installer_volumes--host_path))
- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--config--installer_volumes--iscsi))
- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--config--installer_volumes--nfs))
- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--config--installer_volumes--persistent_volume_claim))
@@ -238,7 +239,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty).
- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
@@ -292,7 +293,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -314,7 +315,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -325,7 +326,7 @@ Optional:
- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -361,7 +362,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -382,7 +383,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--downward_api--items--resource_field_ref))
@@ -451,6 +452,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--config--installer_volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
@@ -486,18 +488,9 @@ Optional:
Optional:
-- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-
-### Nested Schema for `spec.config.installer_volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
-
-
### Nested Schema for `spec.config.installer_volumes.ephemeral.volume_claim_template.spec.selector`
@@ -529,7 +522,7 @@ Optional:
Optional:
-- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.
- `lun` (Number) lun is Optional: FC target lun number
- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
- `target_ww_ns` (List of String) targetWWNs is Optional: FC target worldwide names (WWNs)
@@ -555,7 +548,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -577,7 +570,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
@@ -633,7 +626,7 @@ Optional:
- `chap_auth_discovery` (Boolean) chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
- `chap_auth_session` (Boolean) chapAuthSession defines whether support iSCSI Session CHAP authentication
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.
- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
@@ -645,7 +638,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -712,18 +705,56 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) configMap information about the configMap data to project (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--config_map))
- `downward_api` (Attributes) downwardAPI information about the downwardAPI data to project (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--downward_api))
- `secret` (Attributes) secret information about the secret data to project (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--secret))
- `service_account_token` (Attributes) serviceAccountToken is information about the serviceAccountToken data to project (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.config.installer_volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String) Relative path from the volume root to write the bundle.
+
+Optional:
+
+- `label_selector` (Attributes) Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String) Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.
+- `optional` (Boolean) If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.
+- `signer_name` (String) Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.
+
+
+### Nested Schema for `spec.config.installer_volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.
+
+
+### Nested Schema for `spec.config.installer_volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String) key is the label key that the selector applies to.
+- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
+
+Optional:
+
+- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
+
+
+
+
### Nested Schema for `spec.config.installer_volumes.projected.sources.config_map`
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -756,7 +787,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--downward_api--items--resource_field_ref))
@@ -793,7 +824,7 @@ Optional:
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--config--installer_volumes--projected--sources--secret--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional field specify whether the Secret or its key must be defined
@@ -851,7 +882,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- `keyring` (String) keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- `pool` (String) pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
@@ -863,7 +894,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -891,7 +922,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -935,7 +966,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -996,7 +1027,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -1034,7 +1065,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1050,8 +1081,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -1081,7 +1113,7 @@ Optional:
- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--gce_persistent_disk))
- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--git_repo))
- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--glusterfs))
-- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--host_path))
+- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--host_path))
- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--iscsi))
- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--nfs))
- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--persistent_volume_claim))
@@ -1104,7 +1136,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty).
- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
@@ -1158,7 +1190,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -1180,7 +1212,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -1191,7 +1223,7 @@ Optional:
- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -1227,7 +1259,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -1248,7 +1280,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--downward_api--items--resource_field_ref))
@@ -1317,6 +1349,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
@@ -1352,18 +1385,9 @@ Optional:
Optional:
-- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-
-### Nested Schema for `spec.config.post_uninstall.volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
-
-
### Nested Schema for `spec.config.post_uninstall.volumes.ephemeral.volume_claim_template.spec.selector`
@@ -1395,7 +1419,7 @@ Optional:
Optional:
-- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.
- `lun` (Number) lun is Optional: FC target lun number
- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
- `target_ww_ns` (List of String) targetWWNs is Optional: FC target worldwide names (WWNs)
@@ -1421,7 +1445,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -1443,7 +1467,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
@@ -1499,7 +1523,7 @@ Optional:
- `chap_auth_discovery` (Boolean) chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
- `chap_auth_session` (Boolean) chapAuthSession defines whether support iSCSI Session CHAP authentication
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.
- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
@@ -1511,7 +1535,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -1578,18 +1602,56 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) configMap information about the configMap data to project (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--config_map))
- `downward_api` (Attributes) downwardAPI information about the downwardAPI data to project (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--downward_api))
- `secret` (Attributes) secret information about the secret data to project (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--secret))
- `service_account_token` (Attributes) serviceAccountToken is information about the serviceAccountToken data to project (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.config.post_uninstall.volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String) Relative path from the volume root to write the bundle.
+
+Optional:
+
+- `label_selector` (Attributes) Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String) Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.
+- `optional` (Boolean) If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.
+- `signer_name` (String) Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.
+
+
+### Nested Schema for `spec.config.post_uninstall.volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.
+
+
+### Nested Schema for `spec.config.post_uninstall.volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String) key is the label key that the selector applies to.
+- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
+
+Optional:
+
+- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
+
+
+
+
### Nested Schema for `spec.config.post_uninstall.volumes.projected.sources.config_map`
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -1622,7 +1684,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--downward_api--items--resource_field_ref))
@@ -1659,7 +1721,7 @@ Optional:
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--config--post_uninstall--volumes--projected--sources--secret--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional field specify whether the Secret or its key must be defined
@@ -1717,7 +1779,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- `keyring` (String) keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- `pool` (String) pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
@@ -1729,7 +1791,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -1757,7 +1819,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -1801,7 +1863,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -1863,7 +1925,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -1901,7 +1963,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1917,8 +1979,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -1948,7 +2011,7 @@ Optional:
- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--gce_persistent_disk))
- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--git_repo))
- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--glusterfs))
-- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--host_path))
+- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--host_path))
- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--iscsi))
- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--nfs))
- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--persistent_volume_claim))
@@ -1971,7 +2034,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty).
- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
@@ -2025,7 +2088,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -2047,7 +2110,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -2058,7 +2121,7 @@ Optional:
- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -2094,7 +2157,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -2115,7 +2178,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--downward_api--items--resource_field_ref))
@@ -2184,6 +2247,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
@@ -2219,18 +2283,9 @@ Optional:
Optional:
-- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-
-### Nested Schema for `spec.config.pre_install.volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
-
-
### Nested Schema for `spec.config.pre_install.volumes.ephemeral.volume_claim_template.spec.selector`
@@ -2262,7 +2317,7 @@ Optional:
Optional:
-- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.
- `lun` (Number) lun is Optional: FC target lun number
- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
- `target_ww_ns` (List of String) targetWWNs is Optional: FC target worldwide names (WWNs)
@@ -2288,7 +2343,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -2310,7 +2365,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
@@ -2366,7 +2421,7 @@ Optional:
- `chap_auth_discovery` (Boolean) chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
- `chap_auth_session` (Boolean) chapAuthSession defines whether support iSCSI Session CHAP authentication
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.
- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
@@ -2378,7 +2433,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -2445,18 +2500,56 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) configMap information about the configMap data to project (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--config_map))
- `downward_api` (Attributes) downwardAPI information about the downwardAPI data to project (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--downward_api))
- `secret` (Attributes) secret information about the secret data to project (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--secret))
- `service_account_token` (Attributes) serviceAccountToken is information about the serviceAccountToken data to project (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.config.pre_install.volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String) Relative path from the volume root to write the bundle.
+
+Optional:
+
+- `label_selector` (Attributes) Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String) Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.
+- `optional` (Boolean) If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.
+- `signer_name` (String) Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.
+
+
+### Nested Schema for `spec.config.pre_install.volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.
+
+
+### Nested Schema for `spec.config.pre_install.volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String) key is the label key that the selector applies to.
+- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
+
+Optional:
+
+- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
+
+
+
+
### Nested Schema for `spec.config.pre_install.volumes.projected.sources.config_map`
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -2489,7 +2582,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--downward_api--items--resource_field_ref))
@@ -2526,7 +2619,7 @@ Optional:
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--config--pre_install--volumes--projected--sources--secret--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional field specify whether the Secret or its key must be defined
@@ -2584,7 +2677,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- `keyring` (String) keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- `pool` (String) pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
@@ -2596,7 +2689,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -2624,7 +2717,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -2668,7 +2761,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
diff --git a/docs/data-sources/druid_stackable_tech_druid_cluster_v1alpha1_manifest.md b/docs/data-sources/druid_stackable_tech_druid_cluster_v1alpha1_manifest.md
index e5df4ff4f..2e55c9f5b 100644
--- a/docs/data-sources/druid_stackable_tech_druid_cluster_v1alpha1_manifest.md
+++ b/docs/data-sources/druid_stackable_tech_druid_cluster_v1alpha1_manifest.md
@@ -133,16 +133,13 @@ Optional:
### Nested Schema for `spec.brokers.role_groups.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.brokers.role_groups.config.logging`
@@ -239,16 +236,13 @@ Optional:
### Nested Schema for `spec.brokers.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.brokers.config.logging`
@@ -402,13 +396,13 @@ Optional:
Optional:
-- `inline` (Attributes) An inline definition, containing the S3 bucket properties. (see [below for nested schema](#nestedatt--spec--cluster_config--deep_storage--s3--bucket--inline))
-- `reference` (String) A reference to an S3 bucket object. This is simply the name of the 'S3Bucket' resource.
+- `inline` (Attributes) S3 bucket specification containing the bucket name and an inlined or referenced connection specification. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--cluster_config--deep_storage--s3--bucket--inline))
+- `reference` (String)
### Nested Schema for `spec.cluster_config.deep_storage.s3.bucket.inline`
-Optional:
+Required:
- `bucket_name` (String) The name of the S3 bucket.
- `connection` (Attributes) The definition of an S3 connection, either inline or as a reference. (see [below for nested schema](#nestedatt--spec--cluster_config--deep_storage--s3--bucket--inline--connection))
@@ -418,19 +412,22 @@ Optional:
Optional:
-- `inline` (Attributes) Inline definition of an S3 connection. (see [below for nested schema](#nestedatt--spec--cluster_config--deep_storage--s3--bucket--inline--connection--inline))
-- `reference` (String) A reference to an S3Connection resource.
+- `inline` (Attributes) S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--cluster_config--deep_storage--s3--bucket--inline--connection--inline))
+- `reference` (String)
### Nested Schema for `spec.cluster_config.deep_storage.s3.bucket.inline.connection.inline`
+Required:
+
+- `host` (String) Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
+
Optional:
- `access_style` (String) Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).
- `credentials` (Attributes) If the S3 uses authentication you have to specify you S3 credentials. In the most cases a [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) providing 'accessKey' and 'secretKey' is sufficient. (see [below for nested schema](#nestedatt--spec--cluster_config--deep_storage--s3--bucket--inline--connection--inline--credentials))
-- `host` (String) Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
- `port` (Number) Port the S3 server listens on. If not specified the product will determine the port to use.
-- `tls` (Attributes) If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting. (see [below for nested schema](#nestedatt--spec--cluster_config--deep_storage--s3--bucket--inline--connection--inline--tls))
+- `tls` (Attributes) Use a TLS connection. If not specified no TLS will be used. (see [below for nested schema](#nestedatt--spec--cluster_config--deep_storage--s3--bucket--inline--connection--inline--tls))
### Nested Schema for `spec.cluster_config.deep_storage.s3.bucket.inline.connection.inline.credentials`
@@ -448,6 +445,7 @@ Optional:
Optional:
+- `listener_volumes` (List of String) The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.
- `node` (Boolean) The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.
- `pod` (Boolean) The pod scope is resolved to the name of the Kubernetes Pod. This allows the secret to differentiate between StatefulSet replicas.
- `services` (List of String) The service scope allows Pod objects to specify custom scopes. This should typically correspond to Service objects that the Pod participates in.
@@ -514,11 +512,11 @@ Optional:
Required:
-- `authentication_class` (String) A name/key which references an authentication class. To get the concrete ['AuthenticationClass'], we must resolve it. This resolution can be achieved by using ['ClientAuthenticationDetails::resolve_class'].
+- `authentication_class` (String) Name of the [AuthenticationClass](https://docs.stackable.tech/home/nightly/concepts/authentication) used to authenticate users.
Optional:
-- `oidc` (Attributes) This field contains authentication provider specific configuration. Use ['ClientAuthenticationDetails::oidc_or_error'] to get the value or report an error to the user. (see [below for nested schema](#nestedatt--spec--cluster_config--authentication--oidc))
+- `oidc` (Attributes) This field contains OIDC-specific configuration. It is only required in case OIDC is used. (see [below for nested schema](#nestedatt--spec--cluster_config--authentication--oidc))
### Nested Schema for `spec.cluster_config.authentication.oidc`
@@ -565,19 +563,22 @@ Optional:
Optional:
-- `inline` (Attributes) Inline definition of an S3 connection. (see [below for nested schema](#nestedatt--spec--cluster_config--ingestion--s3connection--inline))
-- `reference` (String) A reference to an S3Connection resource.
+- `inline` (Attributes) S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--cluster_config--ingestion--s3connection--inline))
+- `reference` (String)
### Nested Schema for `spec.cluster_config.ingestion.s3connection.inline`
+Required:
+
+- `host` (String) Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
+
Optional:
- `access_style` (String) Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).
- `credentials` (Attributes) If the S3 uses authentication you have to specify you S3 credentials. In the most cases a [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) providing 'accessKey' and 'secretKey' is sufficient. (see [below for nested schema](#nestedatt--spec--cluster_config--ingestion--s3connection--inline--credentials))
-- `host` (String) Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
- `port` (Number) Port the S3 server listens on. If not specified the product will determine the port to use.
-- `tls` (Attributes) If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting. (see [below for nested schema](#nestedatt--spec--cluster_config--ingestion--s3connection--inline--tls))
+- `tls` (Attributes) Use a TLS connection. If not specified no TLS will be used. (see [below for nested schema](#nestedatt--spec--cluster_config--ingestion--s3connection--inline--tls))
### Nested Schema for `spec.cluster_config.ingestion.s3connection.inline.credentials`
@@ -595,6 +596,7 @@ Optional:
Optional:
+- `listener_volumes` (List of String) The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.
- `node` (Boolean) The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.
- `pod` (Boolean) The pod scope is resolved to the name of the Kubernetes Pod. This allows the secret to differentiate between StatefulSet replicas.
- `services` (List of String) The service scope allows Pod objects to specify custom scopes. This should typically correspond to Service objects that the Pod participates in.
@@ -688,16 +690,13 @@ Optional:
### Nested Schema for `spec.coordinators.role_groups.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.coordinators.role_groups.config.logging`
@@ -794,16 +793,13 @@ Optional:
### Nested Schema for `spec.coordinators.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.coordinators.config.logging`
@@ -945,16 +941,13 @@ Optional:
### Nested Schema for `spec.historicals.role_groups.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.historicals.role_groups.config.logging`
@@ -1077,16 +1070,13 @@ Optional:
### Nested Schema for `spec.historicals.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.historicals.config.logging`
@@ -1228,9 +1218,9 @@ Optional:
### Nested Schema for `spec.image.pull_secrets`
-Optional:
+Required:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -1275,16 +1265,13 @@ Optional:
### Nested Schema for `spec.middle_managers.role_groups.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.middle_managers.role_groups.config.logging`
@@ -1381,16 +1368,13 @@ Optional:
### Nested Schema for `spec.middle_managers.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.middle_managers.config.logging`
@@ -1532,16 +1516,13 @@ Optional:
### Nested Schema for `spec.routers.role_groups.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.routers.role_groups.config.logging`
@@ -1638,16 +1619,13 @@ Optional:
### Nested Schema for `spec.routers.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.routers.config.logging`
diff --git a/docs/data-sources/eks_services_k8s_aws_addon_v1alpha1_manifest.md b/docs/data-sources/eks_services_k8s_aws_addon_v1alpha1_manifest.md
index 945463b39..7cd2b6d31 100644
--- a/docs/data-sources/eks_services_k8s_aws_addon_v1alpha1_manifest.md
+++ b/docs/data-sources/eks_services_k8s_aws_addon_v1alpha1_manifest.md
@@ -64,6 +64,7 @@ Optional:
- `cluster_name` (String) The name of your cluster.
- `cluster_ref` (Attributes) AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: from: name: my-api (see [below for nested schema](#nestedatt--spec--cluster_ref))
- `configuration_values` (String) The set of configuration values for the add-on that's created. The values that you provide are validated against the schema returned by DescribeAddonConfiguration.
+- `pod_identity_associations` (Attributes List) An array of Pod Identity Assocations to be created. Each EKS Pod Identity association maps a Kubernetes service account to an IAM Role. For more information, see Attach an IAM Role to an Amazon EKS add-on using Pod Identity (https://docs.aws.amazon.com/eks/latest/userguide/add-ons-iam.html) in the EKS User Guide. (see [below for nested schema](#nestedatt--spec--pod_identity_associations))
- `resolve_conflicts` (String) How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose: * None – If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail. * Overwrite – If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value. * Preserve – This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see UpdateAddon (https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html). If you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.
- `service_account_role_arn` (String) The Amazon Resource Name (ARN) of an existing IAM role to bind to the add-on's service account. The role must be assigned the IAM permissions required by the add-on. If you don't specify an existing IAM role, then the add-on uses the permissions assigned to the node IAM role. For more information, see Amazon EKS node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the Amazon EKS User Guide. To specify an existing IAM role, you must have an IAM OpenID Connect (OIDC) provider created for your cluster. For more information, see Enabling IAM roles for service accounts on your cluster (https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html) in the Amazon EKS User Guide.
- `service_account_role_ref` (Attributes) AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: from: name: my-api (see [below for nested schema](#nestedatt--spec--service_account_role_ref))
@@ -86,6 +87,15 @@ Optional:
+
+### Nested Schema for `spec.pod_identity_associations`
+
+Optional:
+
+- `role_arn` (String)
+- `service_account` (String)
+
+
### Nested Schema for `spec.service_account_role_ref`
diff --git a/docs/data-sources/eks_services_k8s_aws_nodegroup_v1alpha1_manifest.md b/docs/data-sources/eks_services_k8s_aws_nodegroup_v1alpha1_manifest.md
index b8b448a6f..4bde3cd7a 100644
--- a/docs/data-sources/eks_services_k8s_aws_nodegroup_v1alpha1_manifest.md
+++ b/docs/data-sources/eks_services_k8s_aws_nodegroup_v1alpha1_manifest.md
@@ -59,26 +59,26 @@ Required:
Optional:
-- `ami_type` (String) The AMI type for your node group. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify amiType, or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add eks:kube-proxy-windows to your Windows nodes rolearn in the aws-auth ConfigMap. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
+- `ami_type` (String) The AMI type for your node group. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify amiType, or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add eks:kube-proxy-windows to your Windows nodes rolearn in the aws-auth ConfigMap. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
- `capacity_type` (String) The capacity type for your node group.
- `client_request_token` (String) A unique, case-sensitive identifier that you provide to ensure the idempotency of the request.
- `cluster_name` (String) The name of your cluster.
- `cluster_ref` (Attributes) AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: from: name: my-api (see [below for nested schema](#nestedatt--spec--cluster_ref))
-- `disk_size` (Number) The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify launchTemplate, then don't specify diskSize, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
-- `instance_types` (List of String) Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the amiType parameter. If you specify launchTemplate, then you can specify zero or one instance type in your launch template or you can specify 0-20 instance types for instanceTypes. If however, you specify an instance type in your launch template and specify any instanceTypes, the node group deployment will fail. If you don't specify an instance type in a launch template or for instanceTypes, then t3.medium is used, by default. If you specify Spot for capacityType, then we recommend specifying multiple values for instanceTypes. For more information, see Managed node group capacity types (https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
+- `disk_size` (Number) The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify launchTemplate, then don't specify diskSize, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
+- `instance_types` (List of String) Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the amiType parameter. If you specify launchTemplate, then you can specify zero or one instance type in your launch template or you can specify 0-20 instance types for instanceTypes. If however, you specify an instance type in your launch template and specify any instanceTypes, the node group deployment will fail. If you don't specify an instance type in a launch template or for instanceTypes, then t3.medium is used, by default. If you specify Spot for capacityType, then we recommend specifying multiple values for instanceTypes. For more information, see Managed node group capacity types (https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
- `labels` (Map of String) The Kubernetes labels to apply to the nodes in the node group when they are created.
-- `launch_template` (Attributes) An object representing a node group's launch template specification. If specified, then do not specify instanceTypes, diskSize, or remoteAccess and make sure that the launch template meets the requirements in launchTemplateSpecification. (see [below for nested schema](#nestedatt--spec--launch_template))
-- `node_role` (String) The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node kubelet daemon makes calls to Amazon Web Services APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see Amazon EKS node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the Amazon EKS User Guide . If you specify launchTemplate, then don't specify IamInstanceProfile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
+- `launch_template` (Attributes) An object representing a node group's launch template specification. When using this object, don't directly specify instanceTypes, diskSize, or remoteAccess. Make sure that the launch template meets the requirements in launchTemplateSpecification. Also refer to Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide. (see [below for nested schema](#nestedatt--spec--launch_template))
+- `node_role` (String) The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node kubelet daemon makes calls to Amazon Web Services APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see Amazon EKS node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the Amazon EKS User Guide . If you specify launchTemplate, then don't specify IamInstanceProfile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
- `node_role_ref` (Attributes) AWSResourceReferenceWrapper provides a wrapper around *AWSResourceReference type to provide more user friendly syntax for references using 'from' field Ex: APIIDRef: from: name: my-api (see [below for nested schema](#nestedatt--spec--node_role_ref))
-- `release_version` (String) The AMI version of the Amazon EKS optimized AMI to use with your node group. By default, the latest available AMI version for the node group's current Kubernetes version is used. For information about Linux versions, see Amazon EKS optimized Amazon Linux AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the Amazon EKS User Guide. Amazon EKS managed node groups support the November 2022 and later releases of the Windows AMIs. For information about Windows versions, see Amazon EKS optimized Windows AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-ami-versions-windows.html) in the Amazon EKS User Guide. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
-- `remote_access` (Attributes) The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify launchTemplate, then don't specify remoteAccess, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide. (see [below for nested schema](#nestedatt--spec--remote_access))
+- `release_version` (String) The AMI version of the Amazon EKS optimized AMI to use with your node group. By default, the latest available AMI version for the node group's current Kubernetes version is used. For information about Linux versions, see Amazon EKS optimized Amazon Linux AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the Amazon EKS User Guide. Amazon EKS managed node groups support the November 2022 and later releases of the Windows AMIs. For information about Windows versions, see Amazon EKS optimized Windows AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-ami-versions-windows.html) in the Amazon EKS User Guide. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
+- `remote_access` (Attributes) The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify launchTemplate, then don't specify remoteAccess, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide. (see [below for nested schema](#nestedatt--spec--remote_access))
- `scaling_config` (Attributes) The scaling configuration details for the Auto Scaling group that is created for your node group. (see [below for nested schema](#nestedatt--spec--scaling_config))
- `subnet_refs` (Attributes List) (see [below for nested schema](#nestedatt--spec--subnet_refs))
-- `subnets` (List of String) The subnets to use for the Auto Scaling group that is created for your node group. If you specify launchTemplate, then don't specify SubnetId (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
+- `subnets` (List of String) The subnets to use for the Auto Scaling group that is created for your node group. If you specify launchTemplate, then don't specify SubnetId (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
- `tags` (Map of String) Metadata that assists with categorization and organization. Each tag consists of a key and an optional value. You define both. Tags don't propagate to any other cluster or Amazon Web Services resources.
- `taints` (Attributes List) The Kubernetes taints to be applied to the nodes in the node group. For more information, see Node taints on managed node groups (https://docs.aws.amazon.com/eks/latest/userguide/node-taints-managed-node-groups.html). (see [below for nested schema](#nestedatt--spec--taints))
- `update_config` (Attributes) The node group update configuration. (see [below for nested schema](#nestedatt--spec--update_config))
-- `version` (String) The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
+- `version` (String) The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.
### Nested Schema for `spec.cluster_ref`
diff --git a/docs/data-sources/enterprise_gloo_solo_io_auth_config_v1_manifest.md b/docs/data-sources/enterprise_gloo_solo_io_auth_config_v1_manifest.md
index 0c7d81699..18c726425 100644
--- a/docs/data-sources/enterprise_gloo_solo_io_auth_config_v1_manifest.md
+++ b/docs/data-sources/enterprise_gloo_solo_io_auth_config_v1_manifest.md
@@ -93,6 +93,7 @@ Optional:
- `headers_from_metadata_entry` (Attributes) (see [below for nested schema](#nestedatt--spec--configs--api_key_auth--headers_from_metadata_entry))
- `k8s_secret_apikey_storage` (Attributes) (see [below for nested schema](#nestedatt--spec--configs--api_key_auth--k8s_secret_apikey_storage))
- `label_selector` (Map of String)
+- `skip_metadata_validation` (Boolean)
### Nested Schema for `spec.configs.api_key_auth.aerospike_apikey_storage`
diff --git a/docs/data-sources/gateway_nginx_org_nginx_proxy_v1alpha1_manifest.md b/docs/data-sources/gateway_nginx_org_nginx_proxy_v1alpha1_manifest.md
index eb71425e0..0efe7d90d 100644
--- a/docs/data-sources/gateway_nginx_org_nginx_proxy_v1alpha1_manifest.md
+++ b/docs/data-sources/gateway_nginx_org_nginx_proxy_v1alpha1_manifest.md
@@ -68,9 +68,9 @@ Optional:
### Nested Schema for `spec.rewrite_client_ip.trusted_addresses`
-Optional:
+Required:
-- `type` (String) Type specifies the type of address. Default is 'cidr' which specifies that the address is a CIDR block.
+- `type` (String) Type specifies the type of address.
- `value` (String) Value specifies the address value.
diff --git a/docs/data-sources/gloo_solo_io_settings_v1_manifest.md b/docs/data-sources/gloo_solo_io_settings_v1_manifest.md
index 1889d1631..337682497 100644
--- a/docs/data-sources/gloo_solo_io_settings_v1_manifest.md
+++ b/docs/data-sources/gloo_solo_io_settings_v1_manifest.md
@@ -89,6 +89,7 @@ Optional:
- `secret_options` (Attributes) (see [below for nested schema](#nestedatt--spec--secret_options))
- `upstream_options` (Attributes) (see [below for nested schema](#nestedatt--spec--upstream_options))
- `vault_secret_source` (Attributes) (see [below for nested schema](#nestedatt--spec--vault_secret_source))
+- `watch_namespace_selectors` (Attributes List) (see [below for nested schema](#nestedatt--spec--watch_namespace_selectors))
- `watch_namespaces` (List of String)
@@ -1077,3 +1078,22 @@ Optional:
- `client_key` (String)
- `insecure` (Boolean)
- `tls_server_name` (String)
+
+
+
+
+### Nested Schema for `spec.watch_namespace_selectors`
+
+Optional:
+
+- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--watch_namespace_selectors--match_expressions))
+- `match_labels` (Map of String)
+
+
+### Nested Schema for `spec.watch_namespace_selectors.match_expressions`
+
+Optional:
+
+- `key` (String)
+- `operator` (String)
+- `values` (List of String)
diff --git a/docs/data-sources/grafana_integreatly_org_grafana_dashboard_v1beta1_manifest.md b/docs/data-sources/grafana_integreatly_org_grafana_dashboard_v1beta1_manifest.md
index 11ae1b815..50f1ba973 100644
--- a/docs/data-sources/grafana_integreatly_org_grafana_dashboard_v1beta1_manifest.md
+++ b/docs/data-sources/grafana_integreatly_org_grafana_dashboard_v1beta1_manifest.md
@@ -109,7 +109,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -139,7 +139,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -152,7 +152,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -186,7 +186,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -199,7 +199,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -263,7 +263,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -276,5 +276,5 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
diff --git a/docs/data-sources/grafana_integreatly_org_grafana_datasource_v1beta1_manifest.md b/docs/data-sources/grafana_integreatly_org_grafana_datasource_v1beta1_manifest.md
index baeddf35c..7933e1c70 100644
--- a/docs/data-sources/grafana_integreatly_org_grafana_datasource_v1beta1_manifest.md
+++ b/docs/data-sources/grafana_integreatly_org_grafana_datasource_v1beta1_manifest.md
@@ -142,7 +142,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -155,5 +155,5 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
diff --git a/docs/data-sources/grafana_integreatly_org_grafana_v1beta1_manifest.md b/docs/data-sources/grafana_integreatly_org_grafana_v1beta1_manifest.md
index 47b578fa7..9daad0f0c 100644
--- a/docs/data-sources/grafana_integreatly_org_grafana_v1beta1_manifest.md
+++ b/docs/data-sources/grafana_integreatly_org_grafana_v1beta1_manifest.md
@@ -135,7 +135,7 @@ Optional:
Optional:
-- `rolling_update` (Attributes) Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. --- TODO: Update this to follow our convention for oneOf, whatever we decide it to be. (see [below for nested schema](#nestedatt--spec--deployment--spec--strategy--rolling_update))
+- `rolling_update` (Attributes) Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. (see [below for nested schema](#nestedatt--spec--deployment--spec--strategy--rolling_update))
- `type` (String) Type of deployment. Can be 'Recreate' or 'RollingUpdate'. Default is RollingUpdate.
@@ -339,8 +339,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -400,8 +400,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -477,8 +477,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -538,8 +538,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -654,7 +654,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -692,7 +692,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -712,7 +712,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -721,7 +721,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -1047,6 +1047,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -1058,7 +1062,7 @@ Optional:
- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
-- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
+- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -1307,7 +1311,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -1345,7 +1349,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1365,7 +1369,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -1374,7 +1378,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -1700,6 +1704,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -1711,7 +1719,7 @@ Optional:
- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--ephemeral_containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--ephemeral_containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
-- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
+- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -1893,7 +1901,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -1960,7 +1968,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -1998,7 +2006,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -2018,7 +2026,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -2027,7 +2035,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -2353,6 +2361,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -2364,7 +2376,7 @@ Optional:
- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--init_containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--init_containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
-- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
+- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -2558,7 +2570,8 @@ Optional:
- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
- `se_linux_options` (Attributes) The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--security_context--se_linux_options))
- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--security_context--seccomp_profile))
-- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.
+- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.
+- `supplemental_groups_policy` (String) Defines how supplemental groups of the first container processes are calculated. Valid values are 'Merge' and 'Strict'. If not specified, 'Merge' is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.
- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--security_context--sysctls))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--security_context--windows_options))
@@ -2695,7 +2708,8 @@ Optional:
- `gce_persistent_disk` (Attributes) gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--gce_persistent_disk))
- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--git_repo))
- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--glusterfs))
-- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--host_path))
+- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--host_path))
+- `image` (Attributes) image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided: - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--image))
- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--iscsi))
- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--nfs))
- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--persistent_volume_claim))
@@ -2718,7 +2732,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty).
- `read_only` (Boolean) readOnly value true will force the readOnly setting in VolumeMounts. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore
@@ -2772,7 +2786,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -2794,7 +2808,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -2805,7 +2819,7 @@ Optional:
- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--config_map--items))
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -2841,7 +2855,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -2931,7 +2945,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
-- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
@@ -3001,7 +3015,7 @@ Optional:
Optional:
-- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.
- `lun` (Number) lun is Optional: FC target lun number
- `read_only` (Boolean) readOnly is Optional: Defaults to false (read/write). ReadOnly here will force the ReadOnly setting in VolumeMounts.
- `target_ww_ns` (List of String) targetWWNs is Optional: FC target worldwide names (WWNs)
@@ -3027,7 +3041,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -3049,7 +3063,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- `partition` (Number) partition is the partition in the volume that you want to mount. If omitted, the default is to mount by volume name. Examples: For volume /dev/sda1, you specify the partition as '1'. Similarly, the volume partition for /dev/sda is '0' (or you can leave the property empty). More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk
@@ -3092,6 +3106,15 @@ Optional:
- `type` (String) type for HostPath Volume Defaults to '' More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+
+### Nested Schema for `spec.deployment.spec.template.spec.volumes.image`
+
+Optional:
+
+- `pull_policy` (String) Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+- `reference` (String) Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.
+
+
### Nested Schema for `spec.deployment.spec.template.spec.volumes.iscsi`
@@ -3105,7 +3128,7 @@ Optional:
- `chap_auth_discovery` (Boolean) chapAuthDiscovery defines whether support iSCSI Discovery CHAP authentication
- `chap_auth_session` (Boolean) chapAuthSession defines whether support iSCSI Session CHAP authentication
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi
- `initiator_name` (String) initiatorName is the custom iSCSI Initiator Name. If initiatorName is specified with iscsiInterface simultaneously, new iSCSI interface : will be created for the connection.
- `iscsi_interface` (String) iscsiInterface is the interface Name that uses an iSCSI transport. Defaults to 'default' (tcp).
- `portals` (List of String) portals is the iSCSI Target Portal List. The portal is either an IP or ip_addr:port if the port is other than default (typically TCP ports 860 and 3260).
@@ -3117,7 +3140,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -3177,7 +3200,7 @@ Optional:
Optional:
- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-- `sources` (Attributes List) sources is the list of volume projections (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--projected--sources))
+- `sources` (Attributes List) sources is the list of volume projections. Each entry in this list handles one source. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--projected--sources))
### Nested Schema for `spec.deployment.spec.template.spec.volumes.projected.sources`
@@ -3233,7 +3256,7 @@ Optional:
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--projected--sources--config_map--items))
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -3303,7 +3326,7 @@ Optional:
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--deployment--spec--template--spec--volumes--projected--sources--secret--items))
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) optional field specify whether the Secret or its key must be defined
@@ -3361,7 +3384,7 @@ Required:
Optional:
-- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine
+- `fs_type` (String) fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd
- `keyring` (String) keyring is the path to key ring for RBDUser. Default is /etc/ceph/keyring. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- `pool` (String) pool is the rados pool name. Default is rbd. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
- `read_only` (Boolean) readOnly here will force the ReadOnly setting in VolumeMounts. Defaults to false. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it
@@ -3373,7 +3396,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -3401,7 +3424,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -3445,7 +3468,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -3491,7 +3514,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -3504,7 +3527,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -3517,7 +3540,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -3797,6 +3820,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -3999,7 +4026,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -4017,7 +4044,7 @@ Optional:
Optional:
- `api_version` (String) API version of the referent.
-- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.
+- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.
- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
diff --git a/docs/data-sources/hive_openshift_io_cluster_deployment_v1_manifest.md b/docs/data-sources/hive_openshift_io_cluster_deployment_v1_manifest.md
index 62a43f3bf..9c3daa5ec 100644
--- a/docs/data-sources/hive_openshift_io_cluster_deployment_v1_manifest.md
+++ b/docs/data-sources/hive_openshift_io_cluster_deployment_v1_manifest.md
@@ -251,7 +251,20 @@ Optional:
Optional:
-- `cidr` (String) Cidr configures the network cidr of the subnetwork that contains the service attachment.
+- `cidr` (String) Cidr specifies the cidr to use when creating a service attachment subnet.
+- `existing` (Attributes) Existing specifies a pre-existing subnet to use instead of creating a new service attachment subnet. This is required when using BYO VPCs. It must be in the same region as the api-int load balancer, be configured with a purpose of 'Private Service Connect', and have sufficient routing and firewall rules to access the api-int load balancer. (see [below for nested schema](#nestedatt--spec--platform--gcp--private_service_connect--service_attachment--subnet--existing))
+
+
+### Nested Schema for `spec.platform.gcp.private_service_connect.service_attachment.subnet.existing`
+
+Required:
+
+- `name` (String) Name specifies the name of the existing subnet.
+
+Optional:
+
+- `project` (String) Project specifies the project the subnet exists in. This is required for Shared VPC.
+
diff --git a/docs/data-sources/hive_openshift_io_cluster_pool_v1_manifest.md b/docs/data-sources/hive_openshift_io_cluster_pool_v1_manifest.md
index 5c62501d1..97a3bdf75 100644
--- a/docs/data-sources/hive_openshift_io_cluster_pool_v1_manifest.md
+++ b/docs/data-sources/hive_openshift_io_cluster_pool_v1_manifest.md
@@ -264,7 +264,20 @@ Optional:
Optional:
-- `cidr` (String) Cidr configures the network cidr of the subnetwork that contains the service attachment.
+- `cidr` (String) Cidr specifies the cidr to use when creating a service attachment subnet.
+- `existing` (Attributes) Existing specifies a pre-existing subnet to use instead of creating a new service attachment subnet. This is required when using BYO VPCs. It must be in the same region as the api-int load balancer, be configured with a purpose of 'Private Service Connect', and have sufficient routing and firewall rules to access the api-int load balancer. (see [below for nested schema](#nestedatt--spec--platform--gcp--private_service_connect--service_attachment--subnet--existing))
+
+
+### Nested Schema for `spec.platform.gcp.private_service_connect.service_attachment.subnet.existing`
+
+Required:
+
+- `name` (String) Name specifies the name of the existing subnet.
+
+Optional:
+
+- `project` (String) Project specifies the project the subnet exists in. This is required for Shared VPC.
+
diff --git a/docs/data-sources/hive_stackable_tech_hive_cluster_v1alpha1_manifest.md b/docs/data-sources/hive_stackable_tech_hive_cluster_v1alpha1_manifest.md
index daa052bd0..48158db7c 100644
--- a/docs/data-sources/hive_stackable_tech_hive_cluster_v1alpha1_manifest.md
+++ b/docs/data-sources/hive_stackable_tech_hive_cluster_v1alpha1_manifest.md
@@ -124,19 +124,22 @@ Required:
Optional:
-- `inline` (Attributes) Inline definition of an S3 connection. (see [below for nested schema](#nestedatt--spec--cluster_config--s3--inline))
-- `reference` (String) A reference to an S3Connection resource.
+- `inline` (Attributes) S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--cluster_config--s3--inline))
+- `reference` (String)
### Nested Schema for `spec.cluster_config.s3.inline`
+Required:
+
+- `host` (String) Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
+
Optional:
- `access_style` (String) Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).
- `credentials` (Attributes) If the S3 uses authentication you have to specify you S3 credentials. In the most cases a [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) providing 'accessKey' and 'secretKey' is sufficient. (see [below for nested schema](#nestedatt--spec--cluster_config--s3--inline--credentials))
-- `host` (String) Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
- `port` (Number) Port the S3 server listens on. If not specified the product will determine the port to use.
-- `tls` (Attributes) If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting. (see [below for nested schema](#nestedatt--spec--cluster_config--s3--inline--tls))
+- `tls` (Attributes) Use a TLS connection. If not specified no TLS will be used. (see [below for nested schema](#nestedatt--spec--cluster_config--s3--inline--tls))
### Nested Schema for `spec.cluster_config.s3.inline.credentials`
@@ -154,6 +157,7 @@ Optional:
Optional:
+- `listener_volumes` (List of String) The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.
- `node` (Boolean) The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.
- `pod` (Boolean) The pod scope is resolved to the name of the Kubernetes Pod. This allows the secret to differentiate between StatefulSet replicas.
- `services` (List of String) The service scope allows Pod objects to specify custom scopes. This should typically correspond to Service objects that the Pod participates in.
@@ -212,9 +216,9 @@ Optional:
### Nested Schema for `spec.image.pull_secrets`
-Optional:
+Required:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -269,16 +273,13 @@ Optional:
### Nested Schema for `spec.metastore.role_groups.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.metastore.role_groups.config.logging`
@@ -416,16 +417,13 @@ Optional:
### Nested Schema for `spec.metastore.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.metastore.config.logging`
diff --git a/docs/data-sources/infinispan_org_batch_v2alpha1_manifest.md b/docs/data-sources/infinispan_org_batch_v2alpha1_manifest.md
index a2fbc3cd4..eb27b53be 100644
--- a/docs/data-sources/infinispan_org_batch_v2alpha1_manifest.md
+++ b/docs/data-sources/infinispan_org_batch_v2alpha1_manifest.md
@@ -61,3 +61,12 @@ Optional:
- `config` (String) Batch string to be executed
- `config_map` (String) Name of the ConfigMap containing the batch and resource files to be executed
+- `container` (Attributes) Specify resource requirements per container (see [below for nested schema](#nestedatt--spec--container))
+
+
+### Nested Schema for `spec.container`
+
+Optional:
+
+- `cpu` (String)
+- `memory` (String)
diff --git a/docs/data-sources/infinispan_org_infinispan_v1_manifest.md b/docs/data-sources/infinispan_org_infinispan_v1_manifest.md
index a03231fba..201ad9106 100644
--- a/docs/data-sources/infinispan_org_infinispan_v1_manifest.md
+++ b/docs/data-sources/infinispan_org_infinispan_v1_manifest.md
@@ -568,6 +568,7 @@ Optional:
Optional:
- `categories` (Map of String)
+- `pattern` (String) A custom pattern to be applied to the Log4j STDOUT output
diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.md
index 9286e6b82..868106545 100644
--- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.md
+++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.md
@@ -204,7 +204,7 @@ Required:
Optional:
- `api_version` (String) API version of the referent.
-- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.
+- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.
- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.md
index 4e1cd6776..0889ce5c5 100644
--- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.md
+++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.md
@@ -100,7 +100,7 @@ Optional:
Required:
-- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--template--spec--network--devices))
+- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--template--spec--network--devices))
Optional:
diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.md
index 19ca6ef5a..0e87e6239 100644
--- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.md
+++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.md
@@ -100,7 +100,7 @@ Optional:
Required:
-- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--template--spec--network--devices))
+- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--template--spec--network--devices))
Optional:
diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.md
index e204c39ae..d91b51753 100644
--- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.md
+++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.md
@@ -107,7 +107,7 @@ Optional:
Required:
-- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--template--spec--network--devices))
+- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--template--spec--network--devices))
Optional:
diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.md
index 1d14e8101..1096b2584 100644
--- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.md
+++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.md
@@ -82,7 +82,7 @@ Optional:
Required:
-- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices))
+- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--network--devices))
Optional:
diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.md
index a68278cea..5c7b7d084 100644
--- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.md
+++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.md
@@ -82,7 +82,7 @@ Optional:
Required:
-- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices))
+- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--network--devices))
Optional:
diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.md
index f85adf25e..fd8ec777e 100644
--- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.md
+++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.md
@@ -89,7 +89,7 @@ Optional:
Required:
-- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices))
+- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--network--devices))
Optional:
diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.md
index 46aad4224..8bdf07c38 100644
--- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.md
+++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.md
@@ -82,7 +82,7 @@ Optional:
Required:
-- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices))
+- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--network--devices))
Optional:
@@ -138,7 +138,7 @@ Required:
Optional:
- `api_version` (String) API version of the referent.
-- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.
+- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.
- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.md
index 40be9c0fa..a3093a474 100644
--- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.md
+++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.md
@@ -82,7 +82,7 @@ Optional:
Required:
-- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices))
+- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--network--devices))
Optional:
@@ -138,7 +138,7 @@ Required:
Optional:
- `api_version` (String) API version of the referent.
-- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.
+- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.
- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
diff --git a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.md b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.md
index 07aa90df5..9d8ca3da7 100644
--- a/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.md
+++ b/docs/data-sources/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.md
@@ -89,7 +89,7 @@ Optional:
Required:
-- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name (see [below for nested schema](#nestedatt--spec--network--devices))
+- `devices` (Attributes List) Devices is the list of network devices used by the virtual machine. (see [below for nested schema](#nestedatt--spec--network--devices))
Optional:
@@ -194,7 +194,7 @@ Required:
Optional:
- `api_version` (String) API version of the referent.
-- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.
+- `field_path` (String) If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.
- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
diff --git a/docs/data-sources/jaegertracing_io_jaeger_v1_manifest.md b/docs/data-sources/jaegertracing_io_jaeger_v1_manifest.md
index ce41719ee..a3910ab1e 100644
--- a/docs/data-sources/jaegertracing_io_jaeger_v1_manifest.md
+++ b/docs/data-sources/jaegertracing_io_jaeger_v1_manifest.md
@@ -7213,6 +7213,7 @@ Optional:
- `htpasswd_file` (String)
- `sar` (String)
- `skip_logout` (Boolean)
+- `timeout` (String)
diff --git a/docs/data-sources/k6_io_k6_v1alpha1_manifest.md b/docs/data-sources/k6_io_k6_v1alpha1_manifest.md
index 643250769..a73ed6b7a 100644
--- a/docs/data-sources/k6_io_k6_v1alpha1_manifest.md
+++ b/docs/data-sources/k6_io_k6_v1alpha1_manifest.md
@@ -265,6 +265,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -324,6 +326,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -399,6 +403,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -458,6 +464,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -514,6 +522,7 @@ Optional:
Optional:
- `allow_privilege_escalation` (Boolean)
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--container_security_context--app_armor_profile))
- `capabilities` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--container_security_context--capabilities))
- `privileged` (Boolean)
- `proc_mount` (String)
@@ -525,6 +534,18 @@ Optional:
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--container_security_context--seccomp_profile))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--container_security_context--windows_options))
+
+### Nested Schema for `spec.initializer.container_security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.initializer.container_security_context.capabilities`
@@ -809,6 +830,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -985,6 +1007,10 @@ Required:
- `name` (String)
+Optional:
+
+- `request` (String)
+
@@ -992,6 +1018,7 @@ Required:
Optional:
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--security_context--app_armor_profile))
- `fs_group` (Number)
- `fs_group_change_policy` (String)
- `run_as_group` (Number)
@@ -1000,9 +1027,22 @@ Optional:
- `se_linux_options` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--security_context--se_linux_options))
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--security_context--seccomp_profile))
- `supplemental_groups` (List of String)
+- `supplemental_groups_policy` (String)
- `sysctls` (Attributes List) (see [below for nested schema](#nestedatt--spec--initializer--security_context--sysctls))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--security_context--windows_options))
+
+### Nested Schema for `spec.initializer.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.initializer.security_context.se_linux_options`
@@ -1111,6 +1151,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -1141,6 +1182,7 @@ Optional:
- `git_repo` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--git_repo))
- `glusterfs` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--glusterfs))
- `host_path` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--host_path))
+- `image` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--image))
- `iscsi` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--iscsi))
- `nfs` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--nfs))
- `persistent_volume_claim` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--persistent_volume_claim))
@@ -1376,6 +1418,7 @@ Optional:
- `resources` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String)
+- `volume_attributes_class_name` (String)
- `volume_mode` (String)
- `volume_name` (String)
@@ -1411,18 +1454,9 @@ Optional:
Optional:
-- `claims` (Attributes List) (see [below for nested schema](#nestedatt--spec--initializer--volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String)
- `requests` (Map of String)
-
-### Nested Schema for `spec.initializer.volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String)
-
-
### Nested Schema for `spec.initializer.volumes.ephemeral.volume_claim_template.spec.selector`
@@ -1545,6 +1579,15 @@ Optional:
- `type` (String)
+
+### Nested Schema for `spec.initializer.volumes.image`
+
+Optional:
+
+- `pull_policy` (String)
+- `reference` (String)
+
+
### Nested Schema for `spec.initializer.volumes.iscsi`
@@ -1637,11 +1680,49 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--config_map))
- `downward_api` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--downward_api))
- `secret` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--secret))
- `service_account_token` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.initializer.volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String)
+
+Optional:
+
+- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String)
+- `optional` (Boolean)
+- `signer_name` (String)
+
+
+### Nested Schema for `spec.initializer.volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String)
+
+
+### Nested Schema for `spec.initializer.volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String)
+- `operator` (String)
+
+Optional:
+
+- `values` (List of String)
+
+
+
+
### Nested Schema for `spec.initializer.volumes.projected.sources.config_map`
@@ -2052,6 +2133,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -2111,6 +2194,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -2186,6 +2271,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -2245,6 +2332,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -2301,6 +2390,7 @@ Optional:
Optional:
- `allow_privilege_escalation` (Boolean)
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--container_security_context--app_armor_profile))
- `capabilities` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--container_security_context--capabilities))
- `privileged` (Boolean)
- `proc_mount` (String)
@@ -2312,6 +2402,18 @@ Optional:
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--container_security_context--seccomp_profile))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--container_security_context--windows_options))
+
+### Nested Schema for `spec.runner.container_security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.runner.container_security_context.capabilities`
@@ -2596,6 +2698,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -2772,6 +2875,10 @@ Required:
- `name` (String)
+Optional:
+
+- `request` (String)
+
@@ -2779,6 +2886,7 @@ Required:
Optional:
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--security_context--app_armor_profile))
- `fs_group` (Number)
- `fs_group_change_policy` (String)
- `run_as_group` (Number)
@@ -2787,9 +2895,22 @@ Optional:
- `se_linux_options` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--security_context--se_linux_options))
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--security_context--seccomp_profile))
- `supplemental_groups` (List of String)
+- `supplemental_groups_policy` (String)
- `sysctls` (Attributes List) (see [below for nested schema](#nestedatt--spec--runner--security_context--sysctls))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--security_context--windows_options))
+
+### Nested Schema for `spec.runner.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.runner.security_context.se_linux_options`
@@ -2898,6 +3019,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -2928,6 +3050,7 @@ Optional:
- `git_repo` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--git_repo))
- `glusterfs` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--glusterfs))
- `host_path` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--host_path))
+- `image` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--image))
- `iscsi` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--iscsi))
- `nfs` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--nfs))
- `persistent_volume_claim` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--persistent_volume_claim))
@@ -3163,6 +3286,7 @@ Optional:
- `resources` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String)
+- `volume_attributes_class_name` (String)
- `volume_mode` (String)
- `volume_name` (String)
@@ -3198,18 +3322,9 @@ Optional:
Optional:
-- `claims` (Attributes List) (see [below for nested schema](#nestedatt--spec--runner--volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String)
- `requests` (Map of String)
-
-### Nested Schema for `spec.runner.volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String)
-
-
### Nested Schema for `spec.runner.volumes.ephemeral.volume_claim_template.spec.selector`
@@ -3332,6 +3447,15 @@ Optional:
- `type` (String)
+
+### Nested Schema for `spec.runner.volumes.image`
+
+Optional:
+
+- `pull_policy` (String)
+- `reference` (String)
+
+
### Nested Schema for `spec.runner.volumes.iscsi`
@@ -3424,11 +3548,49 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--config_map))
- `downward_api` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--downward_api))
- `secret` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--secret))
- `service_account_token` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.runner.volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String)
+
+Optional:
+
+- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String)
+- `optional` (Boolean)
+- `signer_name` (String)
+
+
+### Nested Schema for `spec.runner.volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String)
+
+
+### Nested Schema for `spec.runner.volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String)
+- `operator` (String)
+
+Optional:
+
+- `values` (List of String)
+
+
+
+
### Nested Schema for `spec.runner.volumes.projected.sources.config_map`
@@ -3841,6 +4003,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -3900,6 +4064,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -3975,6 +4141,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -4034,6 +4202,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -4090,6 +4260,7 @@ Optional:
Optional:
- `allow_privilege_escalation` (Boolean)
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--container_security_context--app_armor_profile))
- `capabilities` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--container_security_context--capabilities))
- `privileged` (Boolean)
- `proc_mount` (String)
@@ -4101,6 +4272,18 @@ Optional:
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--container_security_context--seccomp_profile))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--container_security_context--windows_options))
+
+### Nested Schema for `spec.starter.container_security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.starter.container_security_context.capabilities`
@@ -4385,6 +4568,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -4561,6 +4745,10 @@ Required:
- `name` (String)
+Optional:
+
+- `request` (String)
+
@@ -4568,6 +4756,7 @@ Required:
Optional:
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--security_context--app_armor_profile))
- `fs_group` (Number)
- `fs_group_change_policy` (String)
- `run_as_group` (Number)
@@ -4576,9 +4765,22 @@ Optional:
- `se_linux_options` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--security_context--se_linux_options))
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--security_context--seccomp_profile))
- `supplemental_groups` (List of String)
+- `supplemental_groups_policy` (String)
- `sysctls` (Attributes List) (see [below for nested schema](#nestedatt--spec--starter--security_context--sysctls))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--security_context--windows_options))
+
+### Nested Schema for `spec.starter.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.starter.security_context.se_linux_options`
@@ -4687,6 +4889,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -4717,6 +4920,7 @@ Optional:
- `git_repo` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--git_repo))
- `glusterfs` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--glusterfs))
- `host_path` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--host_path))
+- `image` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--image))
- `iscsi` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--iscsi))
- `nfs` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--nfs))
- `persistent_volume_claim` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--persistent_volume_claim))
@@ -4952,6 +5156,7 @@ Optional:
- `resources` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String)
+- `volume_attributes_class_name` (String)
- `volume_mode` (String)
- `volume_name` (String)
@@ -4987,18 +5192,9 @@ Optional:
Optional:
-- `claims` (Attributes List) (see [below for nested schema](#nestedatt--spec--starter--volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String)
- `requests` (Map of String)
-
-### Nested Schema for `spec.starter.volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String)
-
-
### Nested Schema for `spec.starter.volumes.ephemeral.volume_claim_template.spec.selector`
@@ -5121,6 +5317,15 @@ Optional:
- `type` (String)
+
+### Nested Schema for `spec.starter.volumes.image`
+
+Optional:
+
+- `pull_policy` (String)
+- `reference` (String)
+
+
### Nested Schema for `spec.starter.volumes.iscsi`
@@ -5213,11 +5418,49 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--config_map))
- `downward_api` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--downward_api))
- `secret` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--secret))
- `service_account_token` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.starter.volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String)
+
+Optional:
+
+- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String)
+- `optional` (Boolean)
+- `signer_name` (String)
+
+
+### Nested Schema for `spec.starter.volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String)
+
+
+### Nested Schema for `spec.starter.volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String)
+- `operator` (String)
+
+Optional:
+
+- `values` (List of String)
+
+
+
+
### Nested Schema for `spec.starter.volumes.projected.sources.config_map`
diff --git a/docs/data-sources/k6_io_private_load_zone_v1alpha1_manifest.md b/docs/data-sources/k6_io_private_load_zone_v1alpha1_manifest.md
index d74c9ff5a..6deb9214b 100644
--- a/docs/data-sources/k6_io_private_load_zone_v1alpha1_manifest.md
+++ b/docs/data-sources/k6_io_private_load_zone_v1alpha1_manifest.md
@@ -81,6 +81,10 @@ Required:
- `name` (String)
+Optional:
+
+- `request` (String)
+
diff --git a/docs/data-sources/k6_io_test_run_v1alpha1_manifest.md b/docs/data-sources/k6_io_test_run_v1alpha1_manifest.md
index 80379b3cf..4bfc0ab69 100644
--- a/docs/data-sources/k6_io_test_run_v1alpha1_manifest.md
+++ b/docs/data-sources/k6_io_test_run_v1alpha1_manifest.md
@@ -265,6 +265,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -324,6 +326,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -399,6 +403,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -458,6 +464,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -514,6 +522,7 @@ Optional:
Optional:
- `allow_privilege_escalation` (Boolean)
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--container_security_context--app_armor_profile))
- `capabilities` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--container_security_context--capabilities))
- `privileged` (Boolean)
- `proc_mount` (String)
@@ -525,6 +534,18 @@ Optional:
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--container_security_context--seccomp_profile))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--container_security_context--windows_options))
+
+### Nested Schema for `spec.initializer.container_security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.initializer.container_security_context.capabilities`
@@ -809,6 +830,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -985,6 +1007,10 @@ Required:
- `name` (String)
+Optional:
+
+- `request` (String)
+
@@ -992,6 +1018,7 @@ Required:
Optional:
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--security_context--app_armor_profile))
- `fs_group` (Number)
- `fs_group_change_policy` (String)
- `run_as_group` (Number)
@@ -1000,9 +1027,22 @@ Optional:
- `se_linux_options` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--security_context--se_linux_options))
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--security_context--seccomp_profile))
- `supplemental_groups` (List of String)
+- `supplemental_groups_policy` (String)
- `sysctls` (Attributes List) (see [below for nested schema](#nestedatt--spec--initializer--security_context--sysctls))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--security_context--windows_options))
+
+### Nested Schema for `spec.initializer.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.initializer.security_context.se_linux_options`
@@ -1111,6 +1151,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -1141,6 +1182,7 @@ Optional:
- `git_repo` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--git_repo))
- `glusterfs` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--glusterfs))
- `host_path` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--host_path))
+- `image` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--image))
- `iscsi` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--iscsi))
- `nfs` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--nfs))
- `persistent_volume_claim` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--persistent_volume_claim))
@@ -1376,6 +1418,7 @@ Optional:
- `resources` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String)
+- `volume_attributes_class_name` (String)
- `volume_mode` (String)
- `volume_name` (String)
@@ -1411,18 +1454,9 @@ Optional:
Optional:
-- `claims` (Attributes List) (see [below for nested schema](#nestedatt--spec--initializer--volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String)
- `requests` (Map of String)
-
-### Nested Schema for `spec.initializer.volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String)
-
-
### Nested Schema for `spec.initializer.volumes.ephemeral.volume_claim_template.spec.selector`
@@ -1545,6 +1579,15 @@ Optional:
- `type` (String)
+
+### Nested Schema for `spec.initializer.volumes.image`
+
+Optional:
+
+- `pull_policy` (String)
+- `reference` (String)
+
+
### Nested Schema for `spec.initializer.volumes.iscsi`
@@ -1637,11 +1680,49 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--config_map))
- `downward_api` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--downward_api))
- `secret` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--secret))
- `service_account_token` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.initializer.volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String)
+
+Optional:
+
+- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String)
+- `optional` (Boolean)
+- `signer_name` (String)
+
+
+### Nested Schema for `spec.initializer.volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--initializer--volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String)
+
+
+### Nested Schema for `spec.initializer.volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String)
+- `operator` (String)
+
+Optional:
+
+- `values` (List of String)
+
+
+
+
### Nested Schema for `spec.initializer.volumes.projected.sources.config_map`
@@ -2052,6 +2133,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -2111,6 +2194,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -2186,6 +2271,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -2245,6 +2332,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -2301,6 +2390,7 @@ Optional:
Optional:
- `allow_privilege_escalation` (Boolean)
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--container_security_context--app_armor_profile))
- `capabilities` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--container_security_context--capabilities))
- `privileged` (Boolean)
- `proc_mount` (String)
@@ -2312,6 +2402,18 @@ Optional:
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--container_security_context--seccomp_profile))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--container_security_context--windows_options))
+
+### Nested Schema for `spec.runner.container_security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.runner.container_security_context.capabilities`
@@ -2596,6 +2698,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -2772,6 +2875,10 @@ Required:
- `name` (String)
+Optional:
+
+- `request` (String)
+
@@ -2779,6 +2886,7 @@ Required:
Optional:
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--security_context--app_armor_profile))
- `fs_group` (Number)
- `fs_group_change_policy` (String)
- `run_as_group` (Number)
@@ -2787,9 +2895,22 @@ Optional:
- `se_linux_options` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--security_context--se_linux_options))
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--security_context--seccomp_profile))
- `supplemental_groups` (List of String)
+- `supplemental_groups_policy` (String)
- `sysctls` (Attributes List) (see [below for nested schema](#nestedatt--spec--runner--security_context--sysctls))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--security_context--windows_options))
+
+### Nested Schema for `spec.runner.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.runner.security_context.se_linux_options`
@@ -2898,6 +3019,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -2928,6 +3050,7 @@ Optional:
- `git_repo` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--git_repo))
- `glusterfs` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--glusterfs))
- `host_path` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--host_path))
+- `image` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--image))
- `iscsi` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--iscsi))
- `nfs` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--nfs))
- `persistent_volume_claim` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--persistent_volume_claim))
@@ -3163,6 +3286,7 @@ Optional:
- `resources` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String)
+- `volume_attributes_class_name` (String)
- `volume_mode` (String)
- `volume_name` (String)
@@ -3198,18 +3322,9 @@ Optional:
Optional:
-- `claims` (Attributes List) (see [below for nested schema](#nestedatt--spec--runner--volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String)
- `requests` (Map of String)
-
-### Nested Schema for `spec.runner.volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String)
-
-
### Nested Schema for `spec.runner.volumes.ephemeral.volume_claim_template.spec.selector`
@@ -3332,6 +3447,15 @@ Optional:
- `type` (String)
+
+### Nested Schema for `spec.runner.volumes.image`
+
+Optional:
+
+- `pull_policy` (String)
+- `reference` (String)
+
+
### Nested Schema for `spec.runner.volumes.iscsi`
@@ -3424,11 +3548,49 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--config_map))
- `downward_api` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--downward_api))
- `secret` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--secret))
- `service_account_token` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.runner.volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String)
+
+Optional:
+
+- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String)
+- `optional` (Boolean)
+- `signer_name` (String)
+
+
+### Nested Schema for `spec.runner.volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--runner--volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String)
+
+
+### Nested Schema for `spec.runner.volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String)
+- `operator` (String)
+
+Optional:
+
+- `values` (List of String)
+
+
+
+
### Nested Schema for `spec.runner.volumes.projected.sources.config_map`
@@ -3841,6 +4003,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -3900,6 +4064,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -3975,6 +4141,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String)
@@ -4034,6 +4202,8 @@ Required:
Optional:
- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String)
+- `mismatch_label_keys` (List of String)
- `namespace_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String)
@@ -4090,6 +4260,7 @@ Optional:
Optional:
- `allow_privilege_escalation` (Boolean)
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--container_security_context--app_armor_profile))
- `capabilities` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--container_security_context--capabilities))
- `privileged` (Boolean)
- `proc_mount` (String)
@@ -4101,6 +4272,18 @@ Optional:
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--container_security_context--seccomp_profile))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--container_security_context--windows_options))
+
+### Nested Schema for `spec.starter.container_security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.starter.container_security_context.capabilities`
@@ -4385,6 +4568,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -4561,6 +4745,10 @@ Required:
- `name` (String)
+Optional:
+
+- `request` (String)
+
@@ -4568,6 +4756,7 @@ Required:
Optional:
+- `app_armor_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--security_context--app_armor_profile))
- `fs_group` (Number)
- `fs_group_change_policy` (String)
- `run_as_group` (Number)
@@ -4576,9 +4765,22 @@ Optional:
- `se_linux_options` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--security_context--se_linux_options))
- `seccomp_profile` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--security_context--seccomp_profile))
- `supplemental_groups` (List of String)
+- `supplemental_groups_policy` (String)
- `sysctls` (Attributes List) (see [below for nested schema](#nestedatt--spec--starter--security_context--sysctls))
- `windows_options` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--security_context--windows_options))
+
+### Nested Schema for `spec.starter.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String)
+
+Optional:
+
+- `localhost_profile` (String)
+
+
### Nested Schema for `spec.starter.security_context.se_linux_options`
@@ -4687,6 +4889,7 @@ Optional:
- `mount_propagation` (String)
- `read_only` (Boolean)
+- `recursive_read_only` (String)
- `sub_path` (String)
- `sub_path_expr` (String)
@@ -4717,6 +4920,7 @@ Optional:
- `git_repo` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--git_repo))
- `glusterfs` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--glusterfs))
- `host_path` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--host_path))
+- `image` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--image))
- `iscsi` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--iscsi))
- `nfs` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--nfs))
- `persistent_volume_claim` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--persistent_volume_claim))
@@ -4952,6 +5156,7 @@ Optional:
- `resources` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String)
+- `volume_attributes_class_name` (String)
- `volume_mode` (String)
- `volume_name` (String)
@@ -4987,18 +5192,9 @@ Optional:
Optional:
-- `claims` (Attributes List) (see [below for nested schema](#nestedatt--spec--starter--volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String)
- `requests` (Map of String)
-
-### Nested Schema for `spec.starter.volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String)
-
-
### Nested Schema for `spec.starter.volumes.ephemeral.volume_claim_template.spec.selector`
@@ -5121,6 +5317,15 @@ Optional:
- `type` (String)
+
+### Nested Schema for `spec.starter.volumes.image`
+
+Optional:
+
+- `pull_policy` (String)
+- `reference` (String)
+
+
### Nested Schema for `spec.starter.volumes.iscsi`
@@ -5213,11 +5418,49 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--config_map))
- `downward_api` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--downward_api))
- `secret` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--secret))
- `service_account_token` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.starter.volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String)
+
+Optional:
+
+- `label_selector` (Attributes) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String)
+- `optional` (Boolean)
+- `signer_name` (String)
+
+
+### Nested Schema for `spec.starter.volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) (see [below for nested schema](#nestedatt--spec--starter--volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String)
+
+
+### Nested Schema for `spec.starter.volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String)
+- `operator` (String)
+
+Optional:
+
+- `values` (List of String)
+
+
+
+
### Nested Schema for `spec.starter.volumes.projected.sources.config_map`
diff --git a/docs/data-sources/k8s_mariadb_com_backup_v1alpha1_manifest.md b/docs/data-sources/k8s_mariadb_com_backup_v1alpha1_manifest.md
index 643e43a1f..29d30f063 100644
--- a/docs/data-sources/k8s_mariadb_com_backup_v1alpha1_manifest.md
+++ b/docs/data-sources/k8s_mariadb_com_backup_v1alpha1_manifest.md
@@ -63,6 +63,7 @@ Optional:
- `affinity` (Attributes) Affinity to be used in the Pod. (see [below for nested schema](#nestedatt--spec--affinity))
- `args` (List of String) Args to be used in the Container.
- `backoff_limit` (Number) BackoffLimit defines the maximum number of attempts to successfully take a Backup.
+- `compression` (String) Compression algorithm to be used in the Backup.
- `databases` (List of String) Databases defines the logical databases to be backed up. If not provided, all databases are backed up.
- `failed_jobs_history_limit` (Number) FailedJobsHistoryLimit defines the maximum number of failed Jobs to be displayed.
- `ignore_global_priv` (Boolean) IgnoreGlobalPriv indicates to ignore the mysql.global_priv in backups. If not provided, it will default to true when the referred MariaDB instance has Galera enabled and otherwise to false. See: https://github.com/mariadb-operator/mariadb-operator/issues/556
diff --git a/docs/data-sources/k8s_mariadb_com_maria_db_v1alpha1_manifest.md b/docs/data-sources/k8s_mariadb_com_maria_db_v1alpha1_manifest.md
index 46f43017d..e878ceb64 100644
--- a/docs/data-sources/k8s_mariadb_com_maria_db_v1alpha1_manifest.md
+++ b/docs/data-sources/k8s_mariadb_com_maria_db_v1alpha1_manifest.md
@@ -1222,12 +1222,14 @@ Optional:
Optional:
- `cluster_bootstrap_timeout` (String) ClusterBootstrapTimeout is the time limit for bootstrapping a cluster. Once this timeout is reached, the Galera recovery state is reset and a new cluster bootstrap will be attempted.
+- `cluster_downscale_timeout` (String) ClusterDownscaleTimeout represents the maximum duration for downscaling the cluster's StatefulSet during the recovery process.
- `cluster_healthy_timeout` (String) ClusterHealthyTimeout represents the duration at which a Galera cluster, that consistently failed health checks, is considered unhealthy, and consequently the Galera recovery process will be initiated by the operator.
- `cluster_monitor_interval` (String) ClusterMonitorInterval represents the interval used to monitor the Galera cluster health.
+- `cluster_upscale_timeout` (String) ClusterUpscaleTimeout represents the maximum duration for upscaling the cluster's StatefulSet during the recovery process.
- `enabled` (Boolean) Enabled is a flag to enable GaleraRecovery.
- `force_cluster_bootstrap_in_pod` (String) ForceClusterBootstrapInPod allows you to manually initiate the bootstrap process in a specific Pod. IMPORTANT: Use this option only in exceptional circumstances. Not selecting the Pod with the highest sequence number may result in data loss. IMPORTANT: Ensure you unset this field after completing the bootstrap to allow the operator to choose the appropriate Pod to bootstrap from in an event of cluster recovery.
- `job` (Attributes) Job defines a Job that co-operates with mariadb-operator by performing the Galera cluster recovery . (see [below for nested schema](#nestedatt--spec--galera--recovery--job))
-- `min_cluster_size` (String) MinClusterSize is the minimum number of replicas to consider the cluster healthy. It can be either a number of replicas (1) or a percentage (50%). If Galera consistently reports less replicas than this value for the given 'ClusterHealthyTimeout' interval, a cluster recovery is iniated. It defaults to '1' replica.
+- `min_cluster_size` (String) MinClusterSize is the minimum number of replicas to consider the cluster healthy. It can be either a number of replicas (1) or a percentage (50%). If Galera consistently reports less replicas than this value for the given 'ClusterHealthyTimeout' interval, a cluster recovery is iniated. It defaults to '1' replica, and it is highly recommendeded to keep this value at '1' in most cases. If set to more than one replica, the cluster recovery process may restart the healthy replicas as well.
- `pod_recovery_timeout` (String) PodRecoveryTimeout is the time limit for recevorying the sequence of a Pod during the cluster recovery.
- `pod_sync_timeout` (String) PodSyncTimeout is the time limit for a Pod to join the cluster after having performed a cluster bootstrap during the cluster recovery.
diff --git a/docs/data-sources/kafka_services_k8s_aws_cluster_v1alpha1_manifest.md b/docs/data-sources/kafka_services_k8s_aws_cluster_v1alpha1_manifest.md
index 1f0aa6995..30cb7ab7a 100644
--- a/docs/data-sources/kafka_services_k8s_aws_cluster_v1alpha1_manifest.md
+++ b/docs/data-sources/kafka_services_k8s_aws_cluster_v1alpha1_manifest.md
@@ -97,7 +97,7 @@ Optional:
Optional:
-- `type_` (String)
+- `type` (String)
diff --git a/docs/data-sources/kiali_io_kiali_v1alpha1_manifest.md b/docs/data-sources/kiali_io_kiali_v1alpha1_manifest.md
index 8a3558509..8fedbaf85 100644
--- a/docs/data-sources/kiali_io_kiali_v1alpha1_manifest.md
+++ b/docs/data-sources/kiali_io_kiali_v1alpha1_manifest.md
@@ -60,6 +60,7 @@ Optional:
- `clustering` (Attributes) Multi-cluster related features. (see [below for nested schema](#nestedatt--spec--clustering))
- `custom_dashboards` (List of Map of String) A list of user-defined custom monitoring dashboards that you can use to generate metrics charts for your applications. The server has some built-in dashboards; if you define a custom dashboard here with the same name as a built-in dashboard, your custom dashboard takes precedence and will overwrite the built-in dashboard. You can disable one or more of the built-in dashboards by simply defining an empty dashboard. An example of an additional user-defined dashboard, ''' - name: myapp title: My App Metrics items: - chart: name: 'Thread Count' spans: 4 metricName: 'thread-count' dataType: 'raw' ''' An example of disabling a built-in dashboard (in this case, disabling the Envoy dashboard), ''' - name: envoy ''' To learn more about custom monitoring dashboards, see the documentation at https://kiali.io/docs/configuration/custom-dashboard/
- `deployment` (Attributes) (see [below for nested schema](#nestedatt--spec--deployment))
+- `extensions` (Attributes List) Defines third-party extensions whose metrics can be integrated into the Kiali traffic graph. (see [below for nested schema](#nestedatt--spec--extensions))
- `external_services` (Attributes) These external service configuration settings define how to connect to the external services like Prometheus, Grafana, and Jaeger. Regarding sensitive values in the external_services 'auth' sections: Some external services configured below support an 'auth' sub-section in order to tell Kiali how it should authenticate with the external services. Credentials used to authenticate Kiali to those external services can be defined in the 'auth.password' and 'auth.token' values within the 'auth' sub-section. Because these are sensitive values, you may not want to declare the actual credentials here in the Kiali CR. In this case, you may store the actual password or token string in a Kubernetes secret. If you do, you need to set the 'auth.password' or 'auth.token' to a value in the format 'secret::' where '' is the name of the secret object that Kiali can access, and '' is the name of the key within the named secret that contains the actual password or token string. For example, if Grafana requires a password, you can store that password in a secret named 'myGrafanaCredentials' in a key named 'myGrafanaPw'. In this case, you would set 'external_services.grafana.auth.password' to 'secret:myGrafanaCredentials:myGrafanaPw'. (see [below for nested schema](#nestedatt--spec--external_services))
- `health_config` (Attributes) This section defines what it means for nodes to be healthy. For more details, see https://kiali.io/docs/configuration/health/ (see [below for nested schema](#nestedatt--spec--health_config))
- `identity` (Attributes) Settings that define the Kiali server identity. (see [below for nested schema](#nestedatt--spec--identity))
@@ -324,6 +325,15 @@ Optional:
+
+### Nested Schema for `spec.extensions`
+
+Optional:
+
+- `enabled` (Boolean) Determines if the Kiali traffic graph should incorporate the extension's metrics.
+- `name` (String) The name that is used to identify the metric time series for the extension.
+
+
### Nested Schema for `spec.external_services`
@@ -643,7 +653,6 @@ Optional:
Optional:
-- `certificates_information_indicators` (Attributes) Flag to enable/disable displaying certificates information and which secrets to grant read permissions. (see [below for nested schema](#nestedatt--spec--kiali_feature_flags--certificates_information_indicators))
- `disabled_features` (List of String) There may be some features that admins do not want to be accessible to users (even in 'view only' mode). In this case, this setting allows you to disable one or more of those features entirely.
- `istio_annotation_action` (Boolean) Flag to enable/disable an Action to edit annotations.
- `istio_injection_action` (Boolean) Flag to enable/disable an Action to label a namespace for automatic Istio Sidecar injection.
@@ -651,15 +660,6 @@ Optional:
- `ui_defaults` (Attributes) Default settings for the UI. These defaults apply to all users. (see [below for nested schema](#nestedatt--spec--kiali_feature_flags--ui_defaults))
- `validations` (Attributes) Features specific to the validations subsystem. (see [below for nested schema](#nestedatt--spec--kiali_feature_flags--validations))
-
-### Nested Schema for `spec.kiali_feature_flags.certificates_information_indicators`
-
-Optional:
-
-- `enabled` (Boolean)
-- `secrets` (List of String)
-
-
### Nested Schema for `spec.kiali_feature_flags.ui_defaults`
diff --git a/docs/data-sources/kuadrant_io_dns_record_v1alpha1_manifest.md b/docs/data-sources/kuadrant_io_dns_record_v1alpha1_manifest.md
index e503e9771..9cc5a9e45 100644
--- a/docs/data-sources/kuadrant_io_dns_record_v1alpha1_manifest.md
+++ b/docs/data-sources/kuadrant_io_dns_record_v1alpha1_manifest.md
@@ -100,7 +100,17 @@ Optional:
Optional:
-- `endpoint` (String) Endpoint is the path to append to the host to reach the expected health check. Must start with '?' or '/', contain only valid URL characters and end with alphanumeric char or '/'. For example '/' or '/healthz' are common
+- `additional_headers_ref` (Attributes) AdditionalHeadersRef refers to a secret that contains extra headers to send in the probe request, this is primarily useful if an authentication token is required by the endpoint. (see [below for nested schema](#nestedatt--spec--health_check--additional_headers_ref))
+- `allow_insecure_certificate` (Boolean) AllowInsecureCertificate will instruct the health check probe to not fail on a self-signed or otherwise invalid SSL certificate this is primarily used in development or testing environments
- `failure_threshold` (Number) FailureThreshold is a limit of consecutive failures that must occur for a host to be considered unhealthy
+- `interval` (String) Interval defines how frequently this probe should execute
+- `path` (String) Path is the path to append to the host to reach the expected health check. Must start with '?' or '/', contain only valid URL characters and end with alphanumeric char or '/'. For example '/' or '/healthz' are common
- `port` (Number) Port to connect to the host on. Must be either 80, 443 or 1024-49151
- `protocol` (String) Protocol to use when connecting to the host, valid values are 'HTTP' or 'HTTPS'
+
+
+### Nested Schema for `spec.health_check.additional_headers_ref`
+
+Required:
+
+- `name` (String)
diff --git a/docs/data-sources/limitador_kuadrant_io_limitador_v1alpha1_manifest.md b/docs/data-sources/limitador_kuadrant_io_limitador_v1alpha1_manifest.md
index 0855eeba9..65323de65 100644
--- a/docs/data-sources/limitador_kuadrant_io_limitador_v1alpha1_manifest.md
+++ b/docs/data-sources/limitador_kuadrant_io_limitador_v1alpha1_manifest.md
@@ -57,6 +57,7 @@ Optional:
- `affinity` (Attributes) Affinity is a group of affinity scheduling rules. (see [below for nested schema](#nestedatt--spec--affinity))
- `image` (String)
+- `image_pull_secrets` (Attributes List) (see [below for nested schema](#nestedatt--spec--image_pull_secrets))
- `limits` (Attributes List) (see [below for nested schema](#nestedatt--spec--limits))
- `listener` (Attributes) (see [below for nested schema](#nestedatt--spec--listener))
- `pdb` (Attributes) (see [below for nested schema](#nestedatt--spec--pdb))
@@ -443,6 +444,14 @@ Optional:
+
+### Nested Schema for `spec.image_pull_secrets`
+
+Optional:
+
+- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+
+
### Nested Schema for `spec.limits`
diff --git a/docs/data-sources/logging_banzaicloud_io_cluster_output_v1alpha1_manifest.md b/docs/data-sources/logging_banzaicloud_io_cluster_output_v1alpha1_manifest.md
index a83859f2c..7b7e76335 100644
--- a/docs/data-sources/logging_banzaicloud_io_cluster_output_v1alpha1_manifest.md
+++ b/docs/data-sources/logging_banzaicloud_io_cluster_output_v1alpha1_manifest.md
@@ -3210,6 +3210,7 @@ Optional:
- `kafka_agg_max_bytes` (Number)
- `kafka_agg_max_messages` (Number)
- `keytab` (Attributes) (see [below for nested schema](#nestedatt--spec--kafka--keytab))
+- `max_send_limit_bytes` (Number)
- `max_send_retries` (Number)
- `message_key_key` (String)
- `partition_key` (String)
diff --git a/docs/data-sources/logging_banzaicloud_io_cluster_output_v1beta1_manifest.md b/docs/data-sources/logging_banzaicloud_io_cluster_output_v1beta1_manifest.md
index b9e6f15a8..0e0255010 100644
--- a/docs/data-sources/logging_banzaicloud_io_cluster_output_v1beta1_manifest.md
+++ b/docs/data-sources/logging_banzaicloud_io_cluster_output_v1beta1_manifest.md
@@ -3210,6 +3210,7 @@ Optional:
- `kafka_agg_max_bytes` (Number)
- `kafka_agg_max_messages` (Number)
- `keytab` (Attributes) (see [below for nested schema](#nestedatt--spec--kafka--keytab))
+- `max_send_limit_bytes` (Number)
- `max_send_retries` (Number)
- `message_key_key` (String)
- `partition_key` (String)
diff --git a/docs/data-sources/logging_banzaicloud_io_output_v1alpha1_manifest.md b/docs/data-sources/logging_banzaicloud_io_output_v1alpha1_manifest.md
index 6298b1e65..e1f2320f8 100644
--- a/docs/data-sources/logging_banzaicloud_io_output_v1alpha1_manifest.md
+++ b/docs/data-sources/logging_banzaicloud_io_output_v1alpha1_manifest.md
@@ -3206,6 +3206,7 @@ Optional:
- `kafka_agg_max_bytes` (Number)
- `kafka_agg_max_messages` (Number)
- `keytab` (Attributes) (see [below for nested schema](#nestedatt--spec--kafka--keytab))
+- `max_send_limit_bytes` (Number)
- `max_send_retries` (Number)
- `message_key_key` (String)
- `partition_key` (String)
diff --git a/docs/data-sources/logging_banzaicloud_io_output_v1beta1_manifest.md b/docs/data-sources/logging_banzaicloud_io_output_v1beta1_manifest.md
index ff0bdb2f0..f2fc89b1d 100644
--- a/docs/data-sources/logging_banzaicloud_io_output_v1beta1_manifest.md
+++ b/docs/data-sources/logging_banzaicloud_io_output_v1beta1_manifest.md
@@ -3210,6 +3210,7 @@ Optional:
- `kafka_agg_max_bytes` (Number)
- `kafka_agg_max_messages` (Number)
- `keytab` (Attributes) (see [below for nested schema](#nestedatt--spec--kafka--keytab))
+- `max_send_limit_bytes` (Number)
- `max_send_retries` (Number)
- `message_key_key` (String)
- `partition_key` (String)
diff --git a/docs/data-sources/monitoring_coreos_com_prometheus_rule_v1_manifest.md b/docs/data-sources/monitoring_coreos_com_prometheus_rule_v1_manifest.md
index 943cc31e5..3a6328c26 100644
--- a/docs/data-sources/monitoring_coreos_com_prometheus_rule_v1_manifest.md
+++ b/docs/data-sources/monitoring_coreos_com_prometheus_rule_v1_manifest.md
@@ -67,6 +67,7 @@ Optional:
- `interval` (String) Interval determines how often rules in the group are evaluated.
- `limit` (Number) Limit the number of alerts an alerting rule and series a recording rule can produce. Limit is supported starting with Prometheus >= 2.31 and Thanos Ruler >= 0.24.
- `partial_response_strategy` (String) PartialResponseStrategy is only used by ThanosRuler and will be ignored by Prometheus instances. More info: https://github.com/thanos-io/thanos/blob/main/docs/components/rule.md#partial-response
+- `query_offset` (String) Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0. It is not supported for ThanosRuler.
- `rules` (Attributes List) List of alerting and recording rules. (see [below for nested schema](#nestedatt--spec--groups--rules))
diff --git a/docs/data-sources/monitoring_coreos_com_prometheus_v1_manifest.md b/docs/data-sources/monitoring_coreos_com_prometheus_v1_manifest.md
index 03d83f740..2990984c3 100644
--- a/docs/data-sources/monitoring_coreos_com_prometheus_v1_manifest.md
+++ b/docs/data-sources/monitoring_coreos_com_prometheus_v1_manifest.md
@@ -128,6 +128,7 @@ Optional:
- `retention_size` (String) Maximum number of bytes used by the Prometheus data.
- `route_prefix` (String) The route prefix Prometheus registers HTTP handlers for. This is useful when using 'spec.externalURL', and a proxy is rewriting HTTP routes of a request, and the actual ExternalURL is still true, but the server serves requests under a different route prefix. For example for use with 'kubectl proxy'.
- `rule_namespace_selector` (Attributes) Namespaces to match for PrometheusRule discovery. An empty label selector matches all namespaces. A null label selector matches the current namespace only. (see [below for nested schema](#nestedatt--spec--rule_namespace_selector))
+- `rule_query_offset` (String) Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0.
- `rule_selector` (Attributes) PrometheusRule objects to be selected for rule evaluation. An empty label selector matches all objects. A null label selector matches no objects. (see [below for nested schema](#nestedatt--spec--rule_selector))
- `rules` (Attributes) Defines the configuration of the Prometheus rules' engine. (see [below for nested schema](#nestedatt--spec--rules))
- `sample_limit` (Number) SampleLimit defines per-scrape limit on number of scraped samples that will be accepted. Only valid in Prometheus versions 2.45.0 and newer. Note that the global limit only applies to scrape objects that don't specify an explicit limit value. If you want to enforce a maximum limit for all scrape objects, refer to enforcedSampleLimit.
diff --git a/docs/data-sources/postgresql_cnpg_io_cluster_v1_manifest.md b/docs/data-sources/postgresql_cnpg_io_cluster_v1_manifest.md
index 1a8661505..44a828e17 100644
--- a/docs/data-sources/postgresql_cnpg_io_cluster_v1_manifest.md
+++ b/docs/data-sources/postgresql_cnpg_io_cluster_v1_manifest.md
@@ -148,8 +148,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--affinity--additional_pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--affinity--additional_pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -209,8 +209,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--affinity--additional_pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--affinity--additional_pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -286,8 +286,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--affinity--additional_pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--affinity--additional_pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -347,8 +347,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--affinity--additional_pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--affinity--additional_pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -1132,7 +1132,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--ephemeral_volume_source--volume_claim_template--spec--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--ephemeral_volume_source--volume_claim_template--spec--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
-- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
@@ -1802,7 +1802,7 @@ Optional:
Optional:
- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-- `sources` (Attributes List) sources is the list of volume projections (see [below for nested schema](#nestedatt--spec--projected_volume_template--sources))
+- `sources` (Attributes List) sources is the list of volume projections. Each entry in this list handles one source. (see [below for nested schema](#nestedatt--spec--projected_volume_template--sources))
### Nested Schema for `spec.projected_volume_template.sources`
@@ -2023,6 +2023,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -2076,7 +2080,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--storage--pvc_template--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--storage--pvc_template--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
-- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
@@ -2182,7 +2186,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--tablespaces--storage--pvc_template--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--tablespaces--storage--pvc_template--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
-- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
@@ -2316,7 +2320,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--wal_storage--pvc_template--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--wal_storage--pvc_template--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
-- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
diff --git a/docs/data-sources/postgresql_cnpg_io_pooler_v1_manifest.md b/docs/data-sources/postgresql_cnpg_io_pooler_v1_manifest.md
index 5593d2ec7..8ba2548ea 100644
--- a/docs/data-sources/postgresql_cnpg_io_pooler_v1_manifest.md
+++ b/docs/data-sources/postgresql_cnpg_io_pooler_v1_manifest.md
@@ -275,9 +275,9 @@ Optional:
- `hostname` (String) Specifies the hostname of the Pod If not specified, the pod's hostname will be set to a system-defined value.
- `image_pull_secrets` (Attributes List) ImagePullSecrets is an optional list of references to secrets in the same namespace to use for pulling any of the images used by this PodSpec. If specified, these secrets will be passed to individual puller implementations for them to use. More info: https://kubernetes.io/docs/concepts/containers/images#specifying-imagepullsecrets-on-a-pod (see [below for nested schema](#nestedatt--spec--template--spec--image_pull_secrets))
- `init_containers` (Attributes List) List of initialization containers belonging to the pod. Init containers are executed in order prior to containers being started. If any init container fails, the pod is considered to have failed and is handled according to its restartPolicy. The name for an init container or normal container must be unique among all containers. Init containers may not have Lifecycle actions, Readiness probes, Liveness probes, or Startup probes. The resourceRequirements of an init container are taken into account during scheduling by finding the highest request/limit for each resource type, and then using the max of of that value or the sum of the normal containers. Limits are applied to init containers in a similar fashion. Init containers cannot currently be added or removed. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/init-containers/ (see [below for nested schema](#nestedatt--spec--template--spec--init_containers))
-- `node_name` (String) NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.
+- `node_name` (String) NodeName indicates in which node this pod is scheduled. If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. This field should not be used to express a desire for the pod to be scheduled on a specific node. https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename
- `node_selector` (Map of String) NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
-- `os` (Attributes) Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup (see [below for nested schema](#nestedatt--spec--template--spec--os))
+- `os` (Attributes) Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup (see [below for nested schema](#nestedatt--spec--template--spec--os))
- `overhead` (Map of String) Overhead represents the resource overhead associated with running a pod for a given RuntimeClass. This field will be autopopulated at admission time by the RuntimeClass admission controller. If the RuntimeClass admission controller is enabled, overhead must not be set in Pod create requests. The RuntimeClass admission controller will reject Pod create requests which have the overhead already set. If RuntimeClass is configured and selected in the PodSpec, Overhead will be set to the value defined in the corresponding RuntimeClass, otherwise it will remain unset and treated as zero. More info: https://git.k8s.io/enhancements/keps/sig-node/688-pod-overhead/README.md
- `preemption_policy` (String) PreemptionPolicy is the Policy for preempting pods with lower priority. One of Never, PreemptLowerPriority. Defaults to PreemptLowerPriority if unset.
- `priority` (Number) The priority value. Various system components use this field to find the priority of the pod. When Priority Admission Controller is enabled, it prevents users from setting this field. The admission controller populates this field from PriorityClassName. The higher the value, the higher the priority.
@@ -756,6 +756,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -767,7 +771,7 @@ Optional:
- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--spec--containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--spec--containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
-- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
+- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -1063,8 +1067,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--template--spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--template--spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -1124,8 +1128,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--template--spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--template--spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -1201,8 +1205,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--template--spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--template--spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -1262,8 +1266,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--template--spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--template--spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -1791,6 +1795,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -1802,7 +1810,7 @@ Optional:
- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--spec--ephemeral_containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--spec--ephemeral_containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
-- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
+- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -2444,6 +2452,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -2455,7 +2467,7 @@ Optional:
- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--spec--init_containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--spec--init_containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
-- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
+- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
- `read_only_root_filesystem` (Boolean) Whether this container has a read-only root filesystem. Default is false. Note that this field cannot be set when spec.os.name is windows.
- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is windows.
- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -2645,16 +2657,8 @@ Required:
Optional:
-- `source` (Attributes) Source describes where to find the ResourceClaim. (see [below for nested schema](#nestedatt--spec--template--spec--resource_claims--source))
-
-
-### Nested Schema for `spec.template.spec.resource_claims.source`
-
-Optional:
-
-- `resource_claim_name` (String) ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
-- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.
-
+- `resource_claim_name` (String) ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod. Exactly one of ResourceClaimName and ResourceClaimTemplateName must be set.
+- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim. Exactly one of ResourceClaimName and ResourceClaimTemplateName must be set.
@@ -2678,7 +2682,8 @@ Optional:
- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
- `se_linux_options` (Attributes) The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--spec--security_context--se_linux_options))
- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--spec--security_context--seccomp_profile))
-- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.
+- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.
+- `supplemental_groups_policy` (String) Defines how supplemental groups of the first container processes are calculated. Valid values are 'Merge' and 'Strict'. If not specified, 'Merge' is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.
- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--spec--security_context--sysctls))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--template--spec--security_context--windows_options))
@@ -2816,6 +2821,7 @@ Optional:
- `git_repo` (Attributes) gitRepo represents a git repository at a particular revision. DEPRECATED: GitRepo is deprecated. To provision a container with a git repo, mount an EmptyDir into an InitContainer that clones the repo using git, then mount the EmptyDir into the Pod's container. (see [below for nested schema](#nestedatt--spec--template--spec--volumes--git_repo))
- `glusterfs` (Attributes) glusterfs represents a Glusterfs mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/glusterfs/README.md (see [below for nested schema](#nestedatt--spec--template--spec--volumes--glusterfs))
- `host_path` (Attributes) hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath (see [below for nested schema](#nestedatt--spec--template--spec--volumes--host_path))
+- `image` (Attributes) image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided: - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type. (see [below for nested schema](#nestedatt--spec--template--spec--volumes--image))
- `iscsi` (Attributes) iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md (see [below for nested schema](#nestedatt--spec--template--spec--volumes--iscsi))
- `nfs` (Attributes) nfs represents an NFS mount on the host that shares a pod's lifetime More info: https://kubernetes.io/docs/concepts/storage/volumes#nfs (see [below for nested schema](#nestedatt--spec--template--spec--volumes--nfs))
- `persistent_volume_claim` (Attributes) persistentVolumeClaimVolumeSource represents a reference to a PersistentVolumeClaim in the same namespace. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#persistentvolumeclaims (see [below for nested schema](#nestedatt--spec--template--spec--volumes--persistent_volume_claim))
@@ -3051,7 +3057,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--template--spec--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--template--spec--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
-- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
@@ -3212,6 +3218,15 @@ Optional:
- `type` (String) type for HostPath Volume Defaults to '' More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath
+
+### Nested Schema for `spec.template.spec.volumes.image`
+
+Optional:
+
+- `pull_policy` (String) Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.
+- `reference` (String) Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.
+
+
### Nested Schema for `spec.template.spec.volumes.iscsi`
@@ -3297,7 +3312,7 @@ Optional:
Optional:
- `default_mode` (Number) defaultMode are the mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
-- `sources` (Attributes List) sources is the list of volume projections (see [below for nested schema](#nestedatt--spec--template--spec--volumes--projected--sources))
+- `sources` (Attributes List) sources is the list of volume projections. Each entry in this list handles one source. (see [below for nested schema](#nestedatt--spec--template--spec--volumes--projected--sources))
### Nested Schema for `spec.template.spec.volumes.projected.sources`
diff --git a/docs/data-sources/psmdb_percona_com_percona_server_mongo_db_v1_manifest.md b/docs/data-sources/psmdb_percona_com_percona_server_mongo_db_v1_manifest.md
index 93e60b352..0d22ef096 100644
--- a/docs/data-sources/psmdb_percona_com_percona_server_mongo_db_v1_manifest.md
+++ b/docs/data-sources/psmdb_percona_com_percona_server_mongo_db_v1_manifest.md
@@ -3224,9 +3224,7 @@ Optional:
- `external_traffic_policy` (String)
- `internal_traffic_policy` (String)
- `labels` (Map of String)
-- `load_balancer_ip` (String)
- `load_balancer_source_ranges` (List of String)
-- `node_port` (Number)
- `service_annotations` (Map of String)
- `service_labels` (Map of String)
- `type` (String)
@@ -7866,6 +7864,7 @@ Required:
Optional:
- `encryption_key` (String)
+- `key_file` (String)
- `ldap_secret` (String)
- `sse` (String)
- `ssl` (String)
@@ -10487,9 +10486,7 @@ Optional:
- `external_traffic_policy` (String)
- `internal_traffic_policy` (String)
- `labels` (Map of String)
-- `load_balancer_ip` (String)
- `load_balancer_source_ranges` (List of String)
-- `node_port` (Number)
- `service_annotations` (Map of String)
- `service_labels` (Map of String)
- `type` (String)
@@ -15575,7 +15572,6 @@ Optional:
- `external_traffic_policy` (String)
- `internal_traffic_policy` (String)
- `labels` (Map of String)
-- `load_balancer_ip` (String)
- `load_balancer_source_ranges` (List of String)
- `node_port` (Number)
- `service_annotations` (Map of String)
diff --git a/docs/data-sources/pxc_percona_com_percona_xtra_db_cluster_v1_manifest.md b/docs/data-sources/pxc_percona_com_percona_xtra_db_cluster_v1_manifest.md
index 3f9c9cc32..02fd4c545 100644
--- a/docs/data-sources/pxc_percona_com_percona_xtra_db_cluster_v1_manifest.md
+++ b/docs/data-sources/pxc_percona_com_percona_xtra_db_cluster_v1_manifest.md
@@ -59,6 +59,7 @@ Optional:
- `backup` (Attributes) (see [below for nested schema](#nestedatt--spec--backup))
- `cr_version` (String)
- `enable_cr_validation_webhook` (Boolean)
+- `enable_volume_expansion` (Boolean)
- `haproxy` (Attributes) (see [below for nested schema](#nestedatt--spec--haproxy))
- `ignore_annotations` (List of String)
- `ignore_labels` (List of String)
diff --git a/docs/data-sources/rds_services_k8s_aws_db_cluster_v1alpha1_manifest.md b/docs/data-sources/rds_services_k8s_aws_db_cluster_v1alpha1_manifest.md
index e411439de..a7a83adc2 100644
--- a/docs/data-sources/rds_services_k8s_aws_db_cluster_v1alpha1_manifest.md
+++ b/docs/data-sources/rds_services_k8s_aws_db_cluster_v1alpha1_manifest.md
@@ -106,13 +106,17 @@ Optional:
- `preferred_maintenance_window` (String) The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC). Format: ddd:hh24:mi-ddd:hh24:mi The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Web Services Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred DB Cluster Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora) in the Amazon Aurora User Guide. Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun. Constraints: Minimum 30-minute window. Valid for: Aurora DB clusters and Multi-AZ DB clusters
- `publicly_accessible` (Boolean) A value that indicates whether the DB cluster is publicly accessible. When the DB cluster is publicly accessible, its Domain Name System (DNS) endpoint resolves to the private IP address from within the DB cluster's virtual private cloud (VPC). It resolves to the public IP address from outside of the DB cluster's VPC. Access to the DB cluster is ultimately controlled by the security group it uses. That public access isn't permitted if the security group assigned to the DB cluster doesn't permit it. When the DB cluster isn't publicly accessible, it is an internal DB cluster with a DNS name that resolves to a private IP address. Default: The default behavior varies depending on whether DBSubnetGroupName is specified. If DBSubnetGroupName isn't specified, and PubliclyAccessible isn't specified, the following applies: * If the default VPC in the target Region doesn’t have an internet gateway attached to it, the DB cluster is private. * If the default VPC in the target Region has an internet gateway attached to it, the DB cluster is public. If DBSubnetGroupName is specified, and PubliclyAccessible isn't specified, the following applies: * If the subnets are part of a VPC that doesn’t have an internet gateway attached to it, the DB cluster is private. * If the subnets are part of a VPC that has an internet gateway attached to it, the DB cluster is public. Valid for: Multi-AZ DB clusters only
- `replication_source_identifier` (String) The Amazon Resource Name (ARN) of the source DB instance or DB cluster if this DB cluster is created as a read replica. Valid for: Aurora DB clusters and Multi-AZ DB clusters
+- `restore_to_time` (String) The date and time to restore the DB cluster to. Valid Values: Value must be a time in Universal Coordinated Time (UTC) format Constraints: * Must be before the latest restorable time for the DB instance * Must be specified if UseLatestRestorableTime parameter isn't provided * Can't be specified if the UseLatestRestorableTime parameter is enabled * Can't be specified if the RestoreType parameter is copy-on-write Example: 2015-03-07T23:45:00Z Valid for: Aurora DB clusters and Multi-AZ DB clusters
+- `restore_type` (String) The type of restore to be performed. You can specify one of the following values: * full-copy - The new DB cluster is restored as a full copy of the source DB cluster. * copy-on-write - The new DB cluster is restored as a clone of the source DB cluster. Constraints: You can't specify copy-on-write if the engine version of the source DB cluster is earlier than 1.11. If you don't specify a RestoreType value, then the new DB cluster is restored as a full copy of the source DB cluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters
- `scaling_configuration` (Attributes) For DB clusters in serverless DB engine mode, the scaling properties of the DB cluster. Valid for: Aurora DB clusters only (see [below for nested schema](#nestedatt--spec--scaling_configuration))
- `serverless_v2_scaling_configuration` (Attributes) Contains the scaling configuration of an Aurora Serverless v2 DB cluster. For more information, see Using Amazon Aurora Serverless v2 (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.html) in the Amazon Aurora User Guide. (see [below for nested schema](#nestedatt--spec--serverless_v2_scaling_configuration))
- `snapshot_identifier` (String) The identifier for the DB snapshot or DB cluster snapshot to restore from. You can use either the name or the Amazon Resource Name (ARN) to specify a DB cluster snapshot. However, you can use only the ARN to specify a DB snapshot. Constraints: * Must match the identifier of an existing Snapshot. Valid for: Aurora DB clusters and Multi-AZ DB clusters
+- `source_db_cluster_identifier` (String) The identifier of the source DB cluster from which to restore. Constraints: * Must match the identifier of an existing DBCluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters
- `source_region` (String) SourceRegion is the source region where the resource exists. This is not sent over the wire and is only used for presigning. This value should always have the same region as the source ARN.
- `storage_encrypted` (Boolean) A value that indicates whether the DB cluster is encrypted. Valid for: Aurora DB clusters and Multi-AZ DB clusters
- `storage_type` (String) Specifies the storage type to be associated with the DB cluster. This setting is required to create a Multi-AZ DB cluster. Valid values: io1 When specified, a value for the Iops parameter is required. Default: io1 Valid for: Multi-AZ DB clusters only
- `tags` (Attributes List) Tags to assign to the DB cluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters (see [below for nested schema](#nestedatt--spec--tags))
+- `use_latest_restorable_time` (Boolean) A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster isn't restored to the latest restorable backup time. Constraints: Can't be specified if RestoreToTime parameter is provided. Valid for: Aurora DB clusters and Multi-AZ DB clusters
- `vpc_security_group_i_ds` (List of String) A list of EC2 VPC security groups to associate with this DB cluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters
- `vpc_security_group_refs` (Attributes List) (see [below for nested schema](#nestedatt--spec--vpc_security_group_refs))
diff --git a/docs/data-sources/repo_manager_pulpproject_org_pulp_backup_v1beta2_manifest.md b/docs/data-sources/repo_manager_pulpproject_org_pulp_backup_v1beta2_manifest.md
index 71341e1d5..dd973bcf9 100644
--- a/docs/data-sources/repo_manager_pulpproject_org_pulp_backup_v1beta2_manifest.md
+++ b/docs/data-sources/repo_manager_pulpproject_org_pulp_backup_v1beta2_manifest.md
@@ -197,8 +197,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -258,8 +258,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -335,8 +335,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -396,8 +396,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
diff --git a/docs/data-sources/repo_manager_pulpproject_org_pulp_v1beta2_manifest.md b/docs/data-sources/repo_manager_pulpproject_org_pulp_v1beta2_manifest.md
index 777694b29..2edda4ddd 100644
--- a/docs/data-sources/repo_manager_pulpproject_org_pulp_v1beta2_manifest.md
+++ b/docs/data-sources/repo_manager_pulpproject_org_pulp_v1beta2_manifest.md
@@ -91,6 +91,7 @@ Optional:
- `ingress_tls_secret` (String) Ingress TLS secret
- `ingress_type` (String) The ingress type to use to reach the deployed instance. Default: none (will not expose the service)
- `inhibit_version_constraint` (Boolean) Relax the check of image_version and image_web_version not matching. Default: 'false'
+- `ipv6_disabled` (Boolean) Disable ipv6 for pulpcore and pulp-web pods
- `is_nginx_ingress` (Boolean) Define if the IngressClass provided has Nginx as Ingress Controller. If the Ingress Controller is not nginx the operator will automatically provision 'pulp-web' pods to redirect the traffic. If it is a nginx controller the traffic will be forwarded to api and content pods. This variable is a workaround to avoid having to grant a ClusterRole (to do a get into the IngressClass and verify the controller). Default: false
- `ldap` (Attributes) LDAP defines the ldap resources used by pulpcore containers to integrate Pulp with LDAP authentication (see [below for nested schema](#nestedatt--spec--ldap))
- `loadbalancer_port` (Number) Port exposed by pulp-web service when ingress_type==loadbalancer
@@ -276,8 +277,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--api--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--api--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -337,8 +338,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--api--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--api--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -414,8 +415,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--api--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--api--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -475,8 +476,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--api--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--api--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -558,7 +559,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -596,7 +597,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -642,7 +643,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -680,7 +681,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -945,7 +946,7 @@ Optional:
- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--api--topology_spread_constraints--label_selector))
- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
-- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
+- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.
- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
@@ -1020,7 +1021,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -1058,7 +1059,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1235,8 +1236,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--cache--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--cache--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -1296,8 +1297,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--cache--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--cache--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -1373,8 +1374,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--cache--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--cache--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -1434,8 +1435,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--cache--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--cache--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -1833,8 +1834,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--content--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--content--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -1894,8 +1895,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--content--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--content--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -1971,8 +1972,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--content--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--content--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -2032,8 +2033,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--content--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--content--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -2115,7 +2116,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -2153,7 +2154,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -2199,7 +2200,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -2237,7 +2238,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -2502,7 +2503,7 @@ Optional:
- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--content--topology_spread_constraints--label_selector))
- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
-- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
+- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.
- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
@@ -2685,8 +2686,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--database--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--database--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -2746,8 +2747,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--database--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--database--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -2823,8 +2824,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--database--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--database--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -2884,8 +2885,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--database--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--database--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -3169,7 +3170,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -3207,7 +3208,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -3280,7 +3281,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -3318,7 +3319,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -3422,7 +3423,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -3460,7 +3461,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -3832,8 +3833,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--worker--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--worker--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -3893,8 +3894,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--worker--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--worker--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -3970,8 +3971,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--worker--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--worker--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -4031,8 +4032,8 @@ Required:
Optional:
- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--worker--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
-- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
-- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--worker--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -4114,7 +4115,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -4152,7 +4153,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -4198,7 +4199,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -4236,7 +4237,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -4501,7 +4502,7 @@ Optional:
- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--worker--topology_spread_constraints--label_selector))
- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
-- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
+- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.
- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
diff --git a/docs/data-sources/resources_teleport_dev_teleport_oidc_connector_v3_manifest.md b/docs/data-sources/resources_teleport_dev_teleport_oidc_connector_v3_manifest.md
index c664553e6..5043371e7 100644
--- a/docs/data-sources/resources_teleport_dev_teleport_oidc_connector_v3_manifest.md
+++ b/docs/data-sources/resources_teleport_dev_teleport_oidc_connector_v3_manifest.md
@@ -67,6 +67,7 @@ Optional:
- `google_service_account_uri` (String) GoogleServiceAccountURI is a path to a google service account uri.
- `issuer_url` (String) IssuerURL is the endpoint of the provider, e.g. https://accounts.google.com.
- `max_age` (String) MaxAge is the amount of time that user logins are valid for. If a user logs in, but then does not login again within this time period, they will be forced to re-authenticate.
+- `mfa` (Attributes) MFASettings contains settings to enable SSO MFA checks through this auth connector. (see [below for nested schema](#nestedatt--spec--mfa))
- `prompt` (String) Prompt is an optional OIDC prompt. An empty string omits prompt. If not specified, it defaults to select_account for backwards compatibility.
- `provider` (String) Provider is the external identity provider.
- `redirect_url` (List of String) RedirectURLs is a list of callback URLs which the identity provider can use to redirect the client back to the Teleport Proxy to complete authentication. This list should match the URLs on the provider's side. The URL used for a given auth request will be chosen to match the requesting Proxy's public address. If there is no match, the first url in the list will be used.
@@ -90,3 +91,15 @@ Optional:
- `allowed_https_hostnames` (List of String) a list of hostnames allowed for https client redirect URLs
- `insecure_allowed_cidr_ranges` (List of String) a list of CIDRs allowed for HTTP or HTTPS client redirect URLs
+
+
+
+### Nested Schema for `spec.mfa`
+
+Optional:
+
+- `acr_values` (String) AcrValues are Authentication Context Class Reference values. The meaning of the ACR value is context-specific and varies for identity providers. Some identity providers support MFA specific contexts, such Okta with its 'phr' (phishing-resistant) ACR.
+- `client_id` (String) ClientID is the OIDC OAuth app client ID.
+- `client_secret` (String) ClientSecret is the OIDC OAuth app client secret.
+- `enabled` (Boolean) Enabled specified whether this OIDC connector supports MFA checks. Defaults to false.
+- `prompt` (String) Prompt is an optional OIDC prompt. An empty string omits prompt. If not specified, it defaults to select_account for backwards compatibility.
diff --git a/docs/data-sources/resources_teleport_dev_teleport_saml_connector_v2_manifest.md b/docs/data-sources/resources_teleport_dev_teleport_saml_connector_v2_manifest.md
index 1876f7994..d466f2ba7 100644
--- a/docs/data-sources/resources_teleport_dev_teleport_saml_connector_v2_manifest.md
+++ b/docs/data-sources/resources_teleport_dev_teleport_saml_connector_v2_manifest.md
@@ -66,6 +66,7 @@ Optional:
- `entity_descriptor` (String) EntityDescriptor is XML with descriptor. It can be used to supply configuration parameters in one XML file rather than supplying them in the individual elements.
- `entity_descriptor_url` (String) EntityDescriptorURL is a URL that supplies a configuration XML.
- `issuer` (String) Issuer is the identity provider issuer.
+- `mfa` (Attributes) MFASettings contains settings to enable SSO MFA checks through this auth connector. (see [below for nested schema](#nestedatt--spec--mfa))
- `provider` (String) Provider is the external identity provider.
- `service_provider_issuer` (String) ServiceProviderIssuer is the issuer of the service provider (Teleport).
- `signing_key_pair` (Attributes) SigningKeyPair is an x509 key pair used to sign AuthnRequest. (see [below for nested schema](#nestedatt--spec--signing_key_pair))
@@ -100,6 +101,16 @@ Optional:
- `insecure_allowed_cidr_ranges` (List of String) a list of CIDRs allowed for HTTP or HTTPS client redirect URLs
+
+### Nested Schema for `spec.mfa`
+
+Optional:
+
+- `enabled` (Boolean) Enabled specified whether this SAML connector supports MFA checks. Defaults to false.
+- `entity_descriptor` (String) EntityDescriptor is XML with descriptor. It can be used to supply configuration parameters in one XML file rather than supplying them in the individual elements.
+- `entity_descriptor_url` (String) EntityDescriptorUrl is a URL that supplies a configuration XML.
+
+
### Nested Schema for `spec.signing_key_pair`
diff --git a/docs/data-sources/scylla_scylladb_com_scylla_cluster_v1_manifest.md b/docs/data-sources/scylla_scylladb_com_scylla_cluster_v1_manifest.md
index 8adc36a3f..f220a6c21 100644
--- a/docs/data-sources/scylla_scylladb_com_scylla_cluster_v1_manifest.md
+++ b/docs/data-sources/scylla_scylladb_com_scylla_cluster_v1_manifest.md
@@ -1554,7 +1554,7 @@ Optional:
Optional:
- `dns_policy` (String) dnsPolicy defines how a pod's DNS will be configured.
-- `host_networking` (Boolean) hostNetworking determines if scylla uses the host's network namespace. Setting this option avoids going through Kubernetes SDN and exposes scylla on node's IP.
+- `host_networking` (Boolean) hostNetworking determines if scylla uses the host's network namespace. Setting this option avoids going through Kubernetes SDN and exposes scylla on node's IP. Deprecated: 'hostNetworking' is deprecated and may be ignored in the future.
diff --git a/docs/data-sources/secrets_hashicorp_com_vault_auth_v1beta1_manifest.md b/docs/data-sources/secrets_hashicorp_com_vault_auth_v1beta1_manifest.md
index d66873762..4799ed082 100644
--- a/docs/data-sources/secrets_hashicorp_com_vault_auth_v1beta1_manifest.md
+++ b/docs/data-sources/secrets_hashicorp_com_vault_auth_v1beta1_manifest.md
@@ -68,7 +68,7 @@ Optional:
- `params` (Map of String) Params to use when authenticating to Vault
- `storage_encryption` (Attributes) StorageEncryption provides the necessary configuration to encrypt the client storage cache. This should only be configured when client cache persistence with encryption is enabled. This is done by passing setting the manager's commandline argument --client-cache-persistence-model=direct-encrypted. Typically, there should only ever be one VaultAuth configured with StorageEncryption in the Cluster, and it should have the label: cacheStorageEncryption=true (see [below for nested schema](#nestedatt--spec--storage_encryption))
- `vault_auth_global_ref` (Attributes) VaultAuthGlobalRef. (see [below for nested schema](#nestedatt--spec--vault_auth_global_ref))
-- `vault_connection_ref` (String) VaultConnectionRef to the VaultConnection resource, can be prefixed with a namespace, eg: 'namespaceA/vaultConnectionRefB'. If no namespace prefix is provided it will default to namespace of the VaultConnection CR. If no value is specified for VaultConnectionRef the Operator will default to the 'default' VaultConnection, configured in the operator's namespace.
+- `vault_connection_ref` (String) VaultConnectionRef to the VaultConnection resource, can be prefixed with a namespace, eg: 'namespaceA/vaultConnectionRefB'. If no namespace prefix is provided it will default to the namespace of the VaultConnection CR. If no value is specified for VaultConnectionRef the Operator will default to the 'default' VaultConnection, configured in the operator's namespace.
### Nested Schema for `spec.app_role`
diff --git a/docs/data-sources/secrets_hashicorp_com_vault_dynamic_secret_v1beta1_manifest.md b/docs/data-sources/secrets_hashicorp_com_vault_dynamic_secret_v1beta1_manifest.md
index 8db1e1dab..7acc4e127 100644
--- a/docs/data-sources/secrets_hashicorp_com_vault_dynamic_secret_v1beta1_manifest.md
+++ b/docs/data-sources/secrets_hashicorp_com_vault_dynamic_secret_v1beta1_manifest.md
@@ -62,14 +62,14 @@ Required:
Optional:
- `allow_static_creds` (Boolean) AllowStaticCreds should be set when syncing credentials that are periodically rotated by the Vault server, rather than created upon request. These secrets are sometimes referred to as 'static roles', or 'static credentials', with a request path that contains 'static-creds'.
-- `namespace` (String) Namespace where the secrets engine is mounted in Vault.
+- `namespace` (String) Namespace of the secrets engine mount in Vault. If not set, the namespace that's part of VaultAuth resource will be inferred.
- `params` (Map of String) Params that can be passed when requesting credentials/secrets. When Params is set the configured RequestHTTPMethod will be ignored. See RequestHTTPMethod for more details. Please consult https://developer.hashicorp.com/vault/docs/secrets if you are uncertain about what 'params' should/can be set to.
- `refresh_after` (String) RefreshAfter a period of time for VSO to sync the source secret data, in duration notation e.g. 30s, 1m, 24h. This value only needs to be set when syncing from a secret's engine that does not provide a lease TTL in its response. The value should be within the secret engine's configured ttl or max_ttl. The source secret's lease duration takes precedence over this configuration when it is greater than 0.
- `renewal_percent` (Number) RenewalPercent is the percent out of 100 of the lease duration when the lease is renewed. Defaults to 67 percent plus jitter.
- `request_http_method` (String) RequestHTTPMethod to use when syncing Secrets from Vault. Setting a value here is not typically required. If left unset the Operator will make requests using the GET method. In the case where Params are specified the Operator will use the PUT method. Please consult https://developer.hashicorp.com/vault/docs/secrets if you are uncertain about what method to use. Of note, the Vault client treats PUT and POST as being equivalent. The underlying Vault client implementation will always use the PUT method.
- `revoke` (Boolean) Revoke the existing lease on VDS resource deletion.
- `rollout_restart_targets` (Attributes List) RolloutRestartTargets should be configured whenever the application(s) consuming the Vault secret does not support dynamically reloading a rotated secret. In that case one, or more RolloutRestartTarget(s) can be configured here. The Operator will trigger a 'rollout-restart' for each target whenever the Vault secret changes between reconciliation events. See RolloutRestartTarget for more details. (see [below for nested schema](#nestedatt--spec--rollout_restart_targets))
-- `vault_auth_ref` (String) VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.
+- `vault_auth_ref` (String) VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to the namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.
### Nested Schema for `spec.destination`
diff --git a/docs/data-sources/secrets_hashicorp_com_vault_pki_secret_v1beta1_manifest.md b/docs/data-sources/secrets_hashicorp_com_vault_pki_secret_v1beta1_manifest.md
index 12052d9cd..ed8030de7 100644
--- a/docs/data-sources/secrets_hashicorp_com_vault_pki_secret_v1beta1_manifest.md
+++ b/docs/data-sources/secrets_hashicorp_com_vault_pki_secret_v1beta1_manifest.md
@@ -69,7 +69,7 @@ Optional:
- `format` (String) Format for the certificate. Choices: 'pem', 'der', 'pem_bundle'. If 'pem_bundle', any private key and issuing cert will be appended to the certificate pem. If 'der', the value will be base64 encoded. Default: pem
- `ip_sans` (List of String) IPSans to include in the request.
- `issuer_ref` (String) IssuerRef reference to an existing PKI issuer, either by Vault-generated identifier, the literal string default to refer to the currently configured default issuer, or the name assigned to an issuer. This parameter is part of the request URL.
-- `namespace` (String) Namespace to get the secret from in Vault
+- `namespace` (String) Namespace of the secrets engine mount in Vault. If not set, the namespace that's part of VaultAuth resource will be inferred.
- `not_after` (String) NotAfter field of the certificate with specified date value. The value format should be given in UTC format YYYY-MM-ddTHH:MM:SSZ
- `other_sans` (List of String) Requested other SANs, in an array with the format oid;type:value for each entry.
- `private_key_format` (String) PrivateKeyFormat, generally the default will be controlled by the Format parameter as either base64-encoded DER or PEM-encoded DER. However, this can be set to 'pkcs8' to have the returned private key contain base64-encoded pkcs8 or PEM-encoded pkcs8 instead. Default: der
@@ -78,7 +78,7 @@ Optional:
- `ttl` (String) TTL for the certificate; sets the expiration date. If not specified the Vault role's default, backend default, or system default TTL is used, in that order. Cannot be larger than the mount's max TTL. Note: this only has an effect when generating a CA cert or signing a CA cert, not when generating a CSR for an intermediate CA. Should be in duration notation e.g. 120s, 2h, etc.
- `uri_sans` (List of String) The requested URI SANs.
- `user_i_ds` (List of String) User ID (OID 0.9.2342.19200300.100.1.1) Subject values to be placed on the signed certificate.
-- `vault_auth_ref` (String) VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.
+- `vault_auth_ref` (String) VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to the namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.
### Nested Schema for `spec.destination`
diff --git a/docs/data-sources/secrets_hashicorp_com_vault_static_secret_v1beta1_manifest.md b/docs/data-sources/secrets_hashicorp_com_vault_static_secret_v1beta1_manifest.md
index a27b7a290..7606379ad 100644
--- a/docs/data-sources/secrets_hashicorp_com_vault_static_secret_v1beta1_manifest.md
+++ b/docs/data-sources/secrets_hashicorp_com_vault_static_secret_v1beta1_manifest.md
@@ -63,11 +63,11 @@ Required:
Optional:
- `hmac_secret_data` (Boolean) HMACSecretData determines whether the Operator computes the HMAC of the Secret's data. The MAC value will be stored in the resource's Status.SecretMac field, and will be used for drift detection and during incoming Vault secret comparison. Enabling this feature is recommended to ensure that Secret's data stays consistent with Vault.
-- `namespace` (String) Namespace to get the secret from in Vault
+- `namespace` (String) Namespace of the secrets engine mount in Vault. If not set, the namespace that's part of VaultAuth resource will be inferred.
- `refresh_after` (String) RefreshAfter a period of time, in duration notation e.g. 30s, 1m, 24h
- `rollout_restart_targets` (Attributes List) RolloutRestartTargets should be configured whenever the application(s) consuming the Vault secret does not support dynamically reloading a rotated secret. In that case one, or more RolloutRestartTarget(s) can be configured here. The Operator will trigger a 'rollout-restart' for each target whenever the Vault secret changes between reconciliation events. All configured targets wil be ignored if HMACSecretData is set to false. See RolloutRestartTarget for more details. (see [below for nested schema](#nestedatt--spec--rollout_restart_targets))
- `sync_config` (Attributes) SyncConfig configures sync behavior from Vault to VSO (see [below for nested schema](#nestedatt--spec--sync_config))
-- `vault_auth_ref` (String) VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.
+- `vault_auth_ref` (String) VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to the namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.
- `version` (Number) Version of the secret to fetch. Only valid for type kv-v2. Corresponds to version query parameter: https://developer.hashicorp.com/vault/api-docs/secret/kv/kv-v2#version
diff --git a/docs/data-sources/secrets_stackable_tech_secret_class_v1alpha1_manifest.md b/docs/data-sources/secrets_stackable_tech_secret_class_v1alpha1_manifest.md
index 0ee4239a7..34b619004 100644
--- a/docs/data-sources/secrets_stackable_tech_secret_class_v1alpha1_manifest.md
+++ b/docs/data-sources/secrets_stackable_tech_secret_class_v1alpha1_manifest.md
@@ -60,7 +60,7 @@ Required:
Optional:
-- `auto_tls` (Attributes) The ['autoTls' backend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-autotls) issues a TLS certificate signed by the Secret Operator. The certificate authority can be provided by the administrator, or managed automatically by the Secret Operator. A new certificate and keypair will be generated and signed for each Pod, keys or certificates are never reused. (see [below for nested schema](#nestedatt--spec--backend--auto_tls))
+- `auto_tls` (Attributes) The ['autoTls' backend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-autotls) issues a TLS certificate signed by the Secret Operator. The certificate authority can be provided by the administrator, or managed automatically by the Secret Operator. A new certificate and key pair will be generated and signed for each Pod, keys or certificates are never reused. (see [below for nested schema](#nestedatt--spec--backend--auto_tls))
- `experimental_cert_manager` (Attributes) The ['experimentalCertManager' backend][1] injects a TLS certificate issued by [cert-manager](https://cert-manager.io/). A new certificate will be requested the first time it is used by a Pod, it will be reused after that (subject to cert-manager renewal rules). [1]: https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-certmanager (see [below for nested schema](#nestedatt--spec--backend--experimental_cert_manager))
- `k8s_search` (Attributes) The ['k8sSearch' backend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-k8ssearch) can be used to mount Secrets across namespaces into Pods. (see [below for nested schema](#nestedatt--spec--backend--k8s_search))
- `kerberos_keytab` (Attributes) The ['kerberosKeytab' backend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-kerberoskeytab) creates a Kerberos keytab file for a selected realm. The Kerberos KDC and administrator credentials must be provided by the administrator. (see [below for nested schema](#nestedatt--spec--backend--kerberos_keytab))
@@ -87,6 +87,7 @@ Optional:
- `auto_generate` (Boolean) Whether the certificate authority should be managed by Secret Operator, including being generated if it does not already exist.
- `ca_certificate_lifetime` (String) The lifetime of each generated certificate authority. Should always be more than double 'maxCertificateLifetime'. If 'autoGenerate: true' then the Secret Operator will prepare a new CA certificate the old CA approaches expiration. If 'autoGenerate: false' then the Secret Operator will log a warning instead.
+- `key_generation` (Attributes) The algorithm used to generate a key pair and required configuration settings. Currently only RSA and a key length of 2048, 3072 or 4096 bits can be configured. (see [below for nested schema](#nestedatt--spec--backend--auto_tls--ca--key_generation))
### Nested Schema for `spec.backend.auto_tls.ca.secret`
@@ -97,6 +98,22 @@ Required:
- `namespace` (String) Namespace of the Secret being referred to.
+
+### Nested Schema for `spec.backend.auto_tls.ca.key_generation`
+
+Optional:
+
+- `rsa` (Attributes) (see [below for nested schema](#nestedatt--spec--backend--auto_tls--ca--key_generation--rsa))
+
+
+### Nested Schema for `spec.backend.auto_tls.ca.key_generation.rsa`
+
+Required:
+
+- `length` (Number) The amount of bits used for generating the RSA keypair. Currently, '2048', '3072' and '4096' are supported. Defaults to '2048' bits.
+
+
+
diff --git a/docs/data-sources/sonataflow_org_sonata_flow_build_v1alpha08_manifest.md b/docs/data-sources/sonataflow_org_sonata_flow_build_v1alpha08_manifest.md
index 9b6e1897f..72d4701df 100644
--- a/docs/data-sources/sonataflow_org_sonata_flow_build_v1alpha08_manifest.md
+++ b/docs/data-sources/sonataflow_org_sonata_flow_build_v1alpha08_manifest.md
@@ -92,7 +92,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -130,7 +130,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -167,7 +167,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -205,7 +205,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
diff --git a/docs/data-sources/sonataflow_org_sonata_flow_platform_v1alpha08_manifest.md b/docs/data-sources/sonataflow_org_sonata_flow_platform_v1alpha08_manifest.md
index 0392582c2..b1fb8d6be 100644
--- a/docs/data-sources/sonataflow_org_sonata_flow_platform_v1alpha08_manifest.md
+++ b/docs/data-sources/sonataflow_org_sonata_flow_platform_v1alpha08_manifest.md
@@ -57,6 +57,7 @@ Optional:
- `build` (Attributes) Build Attributes for building workflows in the target platform (see [below for nested schema](#nestedatt--spec--build))
- `dev_mode` (Attributes) DevMode Attributes for running workflows in devmode (immutable, no build required) (see [below for nested schema](#nestedatt--spec--dev_mode))
+- `eventing` (Attributes) Eventing describes the information required for Knative Eventing integration in the platform. (see [below for nested schema](#nestedatt--spec--eventing))
- `persistence` (Attributes) Persistence defines the platform persistence configuration. When this field is set, the configuration is used as the persistence for platform services and SonataFlow instances that don't provide one of their own. (see [below for nested schema](#nestedatt--spec--persistence))
- `properties` (Attributes) Properties defines the property set for a given actor in the current context. For example, the workflow managed properties. One can define here a set of properties for SonataFlow deployments that will be reused across every workflow deployment. These properties MAY NOT be propagated to a SonataFlowClusterPlatform since PropertyVarSource can only refer local context sources. (see [below for nested schema](#nestedatt--spec--properties))
- `services` (Attributes) Services attributes for deploying supporting applications like Data Index & Job Service. Only workflows without the 'sonataflow.org/profile: dev' annotation will be configured to use these service(s). Setting this will override the use of any cluster-scoped services that might be defined via 'SonataFlowClusterPlatform'. (see [below for nested schema](#nestedatt--spec--services))
@@ -135,7 +136,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -173,7 +174,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -210,7 +211,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -248,7 +249,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -282,6 +283,40 @@ Optional:
- `base_image` (String) Base image to run the Workflow in dev mode instead of the operator's default.
+
+### Nested Schema for `spec.eventing`
+
+Optional:
+
+- `broker` (Attributes) Broker to communicate with workflow deployment. It can be the default broker when the workflow, Dataindex, or Jobservice does not have a sink or source specified. (see [below for nested schema](#nestedatt--spec--eventing--broker))
+
+
+### Nested Schema for `spec.eventing.broker`
+
+Optional:
+
+- `ca_certs` (String) CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.
+- `ref` (Attributes) Ref points to an Addressable. (see [below for nested schema](#nestedatt--spec--eventing--broker--ref))
+- `uri` (String) URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.
+
+
+### Nested Schema for `spec.eventing.broker.ref`
+
+Required:
+
+- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+Optional:
+
+- `address` (String) Address points to a specific Address Name.
+- `api_version` (String) API version of the referent.
+- `group` (String) Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086
+- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.
+
+
+
+
### Nested Schema for `spec.persistence`
@@ -366,7 +401,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -379,7 +414,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -402,6 +437,7 @@ Optional:
- `enabled` (Boolean) Determines whether workflows without the 'sonataflow.org/profile: dev' annotation should be configured to use this service
- `persistence` (Attributes) Persists service to a datasource of choice. Ephemeral by default. (see [below for nested schema](#nestedatt--spec--services--data_index--persistence))
- `pod_template` (Attributes) PodTemplate describes the deployment details of this platform service instance. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template))
+- `source` (Attributes) Defines the source where the Dataindex receives events from (see [below for nested schema](#nestedatt--spec--services--data_index--source))
### Nested Schema for `spec.services.data_index.persistence`
@@ -628,7 +664,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -687,7 +725,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -762,7 +802,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -821,7 +863,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -930,7 +974,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -968,7 +1012,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -988,7 +1032,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -997,7 +1041,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -1017,6 +1061,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--lifecycle--post_start--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--lifecycle--post_start--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--lifecycle--post_start--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--lifecycle--post_start--tcp_socket))
@@ -1051,6 +1096,14 @@ Required:
+
+### Nested Schema for `spec.services.data_index.pod_template.container.lifecycle.post_start.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.data_index.pod_template.container.lifecycle.post_start.tcp_socket`
@@ -1071,6 +1124,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--lifecycle--pre_stop--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--lifecycle--pre_stop--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--lifecycle--pre_stop--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--lifecycle--pre_stop--tcp_socket))
@@ -1105,6 +1159,14 @@ Required:
+
+### Nested Schema for `spec.services.data_index.pod_template.container.lifecycle.pre_stop.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.data_index.pod_template.container.lifecycle.pre_stop.tcp_socket`
@@ -1313,6 +1375,7 @@ Required:
Optional:
- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
@@ -1324,6 +1387,18 @@ Optional:
- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--security_context--seccomp_profile))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--container--security_context--windows_options))
+
+### Nested Schema for `spec.services.data_index.pod_template.container.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.services.data_index.pod_template.container.security_context.capabilities`
@@ -1353,7 +1428,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -1363,7 +1438,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -1460,8 +1535,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -1488,6 +1564,7 @@ Optional:
- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--readiness_probe))
- `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--resize_policy))
- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--resources))
+- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.
- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--security_context))
- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--startup_probe))
- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
@@ -1530,7 +1607,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -1568,7 +1645,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1588,7 +1665,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -1597,7 +1674,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -1617,6 +1694,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--lifecycle--post_start--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--lifecycle--post_start--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--lifecycle--post_start--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--lifecycle--post_start--tcp_socket))
@@ -1651,6 +1729,14 @@ Required:
+
+### Nested Schema for `spec.services.data_index.pod_template.containers.lifecycle.post_start.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.data_index.pod_template.containers.lifecycle.post_start.tcp_socket`
@@ -1671,6 +1757,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--lifecycle--pre_stop--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--lifecycle--pre_stop--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--lifecycle--pre_stop--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--lifecycle--pre_stop--tcp_socket))
@@ -1705,6 +1792,14 @@ Required:
+
+### Nested Schema for `spec.services.data_index.pod_template.containers.lifecycle.pre_stop.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.data_index.pod_template.containers.lifecycle.pre_stop.tcp_socket`
@@ -1913,6 +2008,7 @@ Required:
Optional:
- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
@@ -1924,6 +2020,18 @@ Optional:
- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--security_context--seccomp_profile))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--containers--security_context--windows_options))
+
+### Nested Schema for `spec.services.data_index.pod_template.containers.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.services.data_index.pod_template.containers.security_context.capabilities`
@@ -1953,7 +2061,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -1963,7 +2071,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -2060,8 +2168,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -2089,10 +2198,13 @@ Optional:
### Nested Schema for `spec.services.data_index.pod_template.host_aliases`
+Required:
+
+- `ip` (String) IP address of the host file entry.
+
Optional:
- `hostnames` (List of String) Hostnames for the above IP address.
-- `ip` (String) IP address of the host file entry.
@@ -2100,7 +2212,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -2124,6 +2236,7 @@ Optional:
- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--readiness_probe))
- `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--resize_policy))
- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--resources))
+- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.
- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--security_context))
- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--startup_probe))
- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
@@ -2166,7 +2279,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -2204,7 +2317,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -2224,7 +2337,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -2233,7 +2346,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -2253,6 +2366,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--lifecycle--post_start--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--lifecycle--post_start--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--lifecycle--post_start--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--lifecycle--post_start--tcp_socket))
@@ -2287,6 +2401,14 @@ Required:
+
+### Nested Schema for `spec.services.data_index.pod_template.init_containers.lifecycle.post_start.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.data_index.pod_template.init_containers.lifecycle.post_start.tcp_socket`
@@ -2307,6 +2429,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--lifecycle--pre_stop--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--lifecycle--pre_stop--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--lifecycle--pre_stop--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--lifecycle--pre_stop--tcp_socket))
@@ -2341,6 +2464,14 @@ Required:
+
+### Nested Schema for `spec.services.data_index.pod_template.init_containers.lifecycle.pre_stop.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.data_index.pod_template.init_containers.lifecycle.pre_stop.tcp_socket`
@@ -2549,6 +2680,7 @@ Required:
Optional:
- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
@@ -2560,6 +2692,18 @@ Optional:
- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--security_context--seccomp_profile))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--init_containers--security_context--windows_options))
+
+### Nested Schema for `spec.services.data_index.pod_template.init_containers.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.services.data_index.pod_template.init_containers.security_context.capabilities`
@@ -2589,7 +2733,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -2599,7 +2743,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -2696,8 +2840,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -2736,7 +2881,7 @@ Optional:
Optional:
- `resource_claim_name` (String) ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
-- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.
+- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.
@@ -2753,6 +2898,7 @@ Required:
Optional:
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--security_context--app_armor_profile))
- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.
- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.
- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
@@ -2764,6 +2910,18 @@ Optional:
- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--security_context--sysctls))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--security_context--windows_options))
+
+### Nested Schema for `spec.services.data_index.pod_template.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.services.data_index.pod_template.security_context.se_linux_options`
@@ -2784,7 +2942,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -2803,7 +2961,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -2833,7 +2991,7 @@ Optional:
- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--topology_spread_constraints--label_selector))
- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
-- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
+- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.
- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
@@ -2962,7 +3120,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -2984,7 +3142,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -2995,7 +3153,7 @@ Optional:
- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -3031,7 +3189,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3052,7 +3210,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--downward_api--items--resource_field_ref))
@@ -3121,6 +3279,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
@@ -3156,18 +3315,9 @@ Optional:
Optional:
-- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-
-### Nested Schema for `spec.services.data_index.pod_template.volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
-
-
### Nested Schema for `spec.services.data_index.pod_template.volumes.ephemeral.volume_claim_template.spec.selector`
@@ -3225,7 +3375,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3315,7 +3465,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3382,18 +3532,56 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) configMap information about the configMap data to project (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--config_map))
- `downward_api` (Attributes) downwardAPI information about the downwardAPI data to project (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--downward_api))
- `secret` (Attributes) secret information about the secret data to project (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--secret))
- `service_account_token` (Attributes) serviceAccountToken is information about the serviceAccountToken data to project (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.services.data_index.pod_template.volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String) Relative path from the volume root to write the bundle.
+
+Optional:
+
+- `label_selector` (Attributes) Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String) Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.
+- `optional` (Boolean) If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.
+- `signer_name` (String) Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.
+
+
+### Nested Schema for `spec.services.data_index.pod_template.volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.
+
+
+### Nested Schema for `spec.services.data_index.pod_template.volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String) key is the label key that the selector applies to.
+- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
+
+Optional:
+
+- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
+
+
+
+
### Nested Schema for `spec.services.data_index.pod_template.volumes.projected.sources.config_map`
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -3426,7 +3614,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--downward_api--items--resource_field_ref))
@@ -3463,7 +3651,7 @@ Optional:
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--services--data_index--pod_template--volumes--projected--sources--secret--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) optional field specify whether the Secret or its key must be defined
@@ -3533,7 +3721,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3561,7 +3749,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3605,7 +3793,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3625,6 +3813,32 @@ Optional:
+
+### Nested Schema for `spec.services.data_index.source`
+
+Optional:
+
+- `ca_certs` (String) CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.
+- `ref` (Attributes) Ref points to an Addressable. (see [below for nested schema](#nestedatt--spec--services--data_index--source--ref))
+- `uri` (String) URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.
+
+
+### Nested Schema for `spec.services.data_index.source.ref`
+
+Required:
+
+- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+Optional:
+
+- `address` (String) Address points to a specific Address Name.
+- `api_version` (String) API version of the referent.
+- `group` (String) Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086
+- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.
+
+
+
### Nested Schema for `spec.services.job_service`
@@ -3634,6 +3848,8 @@ Optional:
- `enabled` (Boolean) Determines whether workflows without the 'sonataflow.org/profile: dev' annotation should be configured to use this service
- `persistence` (Attributes) Persists service to a datasource of choice. Ephemeral by default. (see [below for nested schema](#nestedatt--spec--services--job_service--persistence))
- `pod_template` (Attributes) PodTemplate describes the deployment details of this platform service instance. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template))
+- `sink` (Attributes) Defines the sink where the Jobservice sends events to (see [below for nested schema](#nestedatt--spec--services--job_service--sink))
+- `source` (Attributes) Defines the source where the Jobservice receives events from (see [below for nested schema](#nestedatt--spec--services--job_service--source))
### Nested Schema for `spec.services.job_service.persistence`
@@ -3860,7 +4076,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -3919,7 +4137,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -3994,7 +4214,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -4053,7 +4275,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -4162,7 +4386,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -4200,7 +4424,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -4220,7 +4444,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -4229,7 +4453,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -4249,6 +4473,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--lifecycle--post_start--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--lifecycle--post_start--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--lifecycle--post_start--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--lifecycle--post_start--tcp_socket))
@@ -4283,6 +4508,14 @@ Required:
+
+### Nested Schema for `spec.services.job_service.pod_template.container.lifecycle.post_start.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.job_service.pod_template.container.lifecycle.post_start.tcp_socket`
@@ -4303,6 +4536,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--lifecycle--pre_stop--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--lifecycle--pre_stop--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--lifecycle--pre_stop--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--lifecycle--pre_stop--tcp_socket))
@@ -4337,6 +4571,14 @@ Required:
+
+### Nested Schema for `spec.services.job_service.pod_template.container.lifecycle.pre_stop.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.job_service.pod_template.container.lifecycle.pre_stop.tcp_socket`
@@ -4545,6 +4787,7 @@ Required:
Optional:
- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
@@ -4556,6 +4799,18 @@ Optional:
- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--security_context--seccomp_profile))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--container--security_context--windows_options))
+
+### Nested Schema for `spec.services.job_service.pod_template.container.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.services.job_service.pod_template.container.security_context.capabilities`
@@ -4585,7 +4840,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -4595,7 +4850,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -4692,8 +4947,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -4720,6 +4976,7 @@ Optional:
- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--readiness_probe))
- `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--resize_policy))
- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--resources))
+- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.
- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--security_context))
- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--startup_probe))
- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
@@ -4762,7 +5019,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -4800,7 +5057,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -4820,7 +5077,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -4829,7 +5086,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -4849,6 +5106,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--lifecycle--post_start--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--lifecycle--post_start--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--lifecycle--post_start--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--lifecycle--post_start--tcp_socket))
@@ -4883,6 +5141,14 @@ Required:
+
+### Nested Schema for `spec.services.job_service.pod_template.containers.lifecycle.post_start.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.job_service.pod_template.containers.lifecycle.post_start.tcp_socket`
@@ -4903,6 +5169,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--lifecycle--pre_stop--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--lifecycle--pre_stop--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--lifecycle--pre_stop--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--lifecycle--pre_stop--tcp_socket))
@@ -4937,6 +5204,14 @@ Required:
+
+### Nested Schema for `spec.services.job_service.pod_template.containers.lifecycle.pre_stop.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.job_service.pod_template.containers.lifecycle.pre_stop.tcp_socket`
@@ -5145,6 +5420,7 @@ Required:
Optional:
- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
@@ -5156,6 +5432,18 @@ Optional:
- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--security_context--seccomp_profile))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--containers--security_context--windows_options))
+
+### Nested Schema for `spec.services.job_service.pod_template.containers.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.services.job_service.pod_template.containers.security_context.capabilities`
@@ -5185,7 +5473,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -5195,7 +5483,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -5292,8 +5580,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -5321,10 +5610,13 @@ Optional:
### Nested Schema for `spec.services.job_service.pod_template.host_aliases`
+Required:
+
+- `ip` (String) IP address of the host file entry.
+
Optional:
- `hostnames` (List of String) Hostnames for the above IP address.
-- `ip` (String) IP address of the host file entry.
@@ -5332,7 +5624,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -5356,6 +5648,7 @@ Optional:
- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--readiness_probe))
- `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--resize_policy))
- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--resources))
+- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.
- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--security_context))
- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--startup_probe))
- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
@@ -5398,7 +5691,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -5436,7 +5729,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -5456,7 +5749,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -5465,7 +5758,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -5485,6 +5778,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--lifecycle--post_start--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--lifecycle--post_start--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--lifecycle--post_start--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--lifecycle--post_start--tcp_socket))
@@ -5519,6 +5813,14 @@ Required:
+
+### Nested Schema for `spec.services.job_service.pod_template.init_containers.lifecycle.post_start.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.job_service.pod_template.init_containers.lifecycle.post_start.tcp_socket`
@@ -5539,6 +5841,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--lifecycle--pre_stop--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--lifecycle--pre_stop--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--lifecycle--pre_stop--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--lifecycle--pre_stop--tcp_socket))
@@ -5573,6 +5876,14 @@ Required:
+
+### Nested Schema for `spec.services.job_service.pod_template.init_containers.lifecycle.pre_stop.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.services.job_service.pod_template.init_containers.lifecycle.pre_stop.tcp_socket`
@@ -5781,6 +6092,7 @@ Required:
Optional:
- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
@@ -5792,6 +6104,18 @@ Optional:
- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--security_context--seccomp_profile))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--init_containers--security_context--windows_options))
+
+### Nested Schema for `spec.services.job_service.pod_template.init_containers.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.services.job_service.pod_template.init_containers.security_context.capabilities`
@@ -5821,7 +6145,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -5831,7 +6155,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -5928,8 +6252,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -5968,7 +6293,7 @@ Optional:
Optional:
- `resource_claim_name` (String) ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
-- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.
+- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.
@@ -5985,6 +6310,7 @@ Required:
Optional:
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--security_context--app_armor_profile))
- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.
- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.
- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
@@ -5996,6 +6322,18 @@ Optional:
- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--security_context--sysctls))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--security_context--windows_options))
+
+### Nested Schema for `spec.services.job_service.pod_template.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.services.job_service.pod_template.security_context.se_linux_options`
@@ -6016,7 +6354,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -6035,7 +6373,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -6065,7 +6403,7 @@ Optional:
- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--topology_spread_constraints--label_selector))
- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
-- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
+- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.
- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
@@ -6194,7 +6532,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -6216,7 +6554,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -6227,7 +6565,7 @@ Optional:
- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -6263,7 +6601,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -6284,7 +6622,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--downward_api--items--resource_field_ref))
@@ -6353,6 +6691,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
@@ -6388,18 +6727,9 @@ Optional:
Optional:
-- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-
-### Nested Schema for `spec.services.job_service.pod_template.volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
-
-
### Nested Schema for `spec.services.job_service.pod_template.volumes.ephemeral.volume_claim_template.spec.selector`
@@ -6457,7 +6787,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -6547,7 +6877,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -6614,18 +6944,56 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) configMap information about the configMap data to project (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--config_map))
- `downward_api` (Attributes) downwardAPI information about the downwardAPI data to project (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--downward_api))
- `secret` (Attributes) secret information about the secret data to project (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--secret))
- `service_account_token` (Attributes) serviceAccountToken is information about the serviceAccountToken data to project (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.services.job_service.pod_template.volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String) Relative path from the volume root to write the bundle.
+
+Optional:
+
+- `label_selector` (Attributes) Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String) Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.
+- `optional` (Boolean) If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.
+- `signer_name` (String) Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.
+
+
+### Nested Schema for `spec.services.job_service.pod_template.volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.
+
+
+### Nested Schema for `spec.services.job_service.pod_template.volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String) key is the label key that the selector applies to.
+- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
+
+Optional:
+
+- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
+
+
+
+
### Nested Schema for `spec.services.job_service.pod_template.volumes.projected.sources.config_map`
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -6658,7 +7026,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--downward_api--items--resource_field_ref))
@@ -6695,7 +7063,7 @@ Optional:
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--services--job_service--pod_template--volumes--projected--sources--secret--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) optional field specify whether the Secret or its key must be defined
@@ -6765,7 +7133,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -6793,7 +7161,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -6837,7 +7205,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -6853,3 +7221,56 @@ Optional:
- `fs_type` (String) fsType is filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.
- `storage_policy_id` (String) storagePolicyID is the storage Policy Based Management (SPBM) profile ID associated with the StoragePolicyName.
- `storage_policy_name` (String) storagePolicyName is the storage Policy Based Management (SPBM) profile name.
+
+
+
+
+
+### Nested Schema for `spec.services.job_service.sink`
+
+Optional:
+
+- `ca_certs` (String) CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.
+- `ref` (Attributes) Ref points to an Addressable. (see [below for nested schema](#nestedatt--spec--services--job_service--sink--ref))
+- `uri` (String) URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.
+
+
+### Nested Schema for `spec.services.job_service.sink.ref`
+
+Required:
+
+- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+Optional:
+
+- `address` (String) Address points to a specific Address Name.
+- `api_version` (String) API version of the referent.
+- `group` (String) Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086
+- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.
+
+
+
+
+### Nested Schema for `spec.services.job_service.source`
+
+Optional:
+
+- `ca_certs` (String) CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.
+- `ref` (Attributes) Ref points to an Addressable. (see [below for nested schema](#nestedatt--spec--services--job_service--source--ref))
+- `uri` (String) URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.
+
+
+### Nested Schema for `spec.services.job_service.source.ref`
+
+Required:
+
+- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+Optional:
+
+- `address` (String) Address points to a specific Address Name.
+- `api_version` (String) API version of the referent.
+- `group` (String) Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086
+- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.
diff --git a/docs/data-sources/sonataflow_org_sonata_flow_v1alpha08_manifest.md b/docs/data-sources/sonataflow_org_sonata_flow_v1alpha08_manifest.md
index a9297400b..230f1e7e2 100644
--- a/docs/data-sources/sonataflow_org_sonata_flow_v1alpha08_manifest.md
+++ b/docs/data-sources/sonataflow_org_sonata_flow_v1alpha08_manifest.md
@@ -63,6 +63,7 @@ Optional:
- `pod_template` (Attributes) PodTemplate describes the deployment details of this SonataFlow instance. (see [below for nested schema](#nestedatt--spec--pod_template))
- `resources` (Attributes) Resources workflow resources that are linked to this workflow definition. For example, a collection of OpenAPI specification files. (see [below for nested schema](#nestedatt--spec--resources))
- `sink` (Attributes) Sink describes the sinkBinding details of this SonataFlow instance. (see [below for nested schema](#nestedatt--spec--sink))
+- `sources` (Attributes List) Sources describes the list of sources used to create triggers for events consumed by this SonataFlow instance. (see [below for nested schema](#nestedatt--spec--sources))
### Nested Schema for `spec.flow`
@@ -463,7 +464,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -522,7 +525,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -597,7 +602,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_anti_affinity--preferred_during_scheduling_ignored_during_execution--pod_affinity_term--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -656,7 +663,9 @@ Required:
Optional:
-- `label_selector` (Attributes) A label query over a set of resources, in this case pods. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `label_selector` (Attributes) A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--label_selector))
+- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
+- `mismatch_label_keys` (List of String) MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.
- `namespace_selector` (Attributes) A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces. (see [below for nested schema](#nestedatt--spec--pod_template--affinity--pod_anti_affinity--required_during_scheduling_ignored_during_execution--namespace_selector))
- `namespaces` (List of String) namespaces specifies a static list of namespace names that the term applies to. The term is applied to the union of the namespaces listed in this field and the ones selected by namespaceSelector. null or empty namespaces list and null namespaceSelector means 'this pod's namespace'.
@@ -765,7 +774,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -803,7 +812,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -823,7 +832,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -832,7 +841,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -852,6 +861,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--pod_template--container--lifecycle--post_start--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--pod_template--container--lifecycle--post_start--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--pod_template--container--lifecycle--post_start--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--pod_template--container--lifecycle--post_start--tcp_socket))
@@ -886,6 +896,14 @@ Required:
+
+### Nested Schema for `spec.pod_template.container.lifecycle.post_start.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.pod_template.container.lifecycle.post_start.tcp_socket`
@@ -906,6 +924,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--pod_template--container--lifecycle--pre_stop--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--pod_template--container--lifecycle--pre_stop--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--pod_template--container--lifecycle--pre_stop--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--pod_template--container--lifecycle--pre_stop--tcp_socket))
@@ -940,6 +959,14 @@ Required:
+
+### Nested Schema for `spec.pod_template.container.lifecycle.pre_stop.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.pod_template.container.lifecycle.pre_stop.tcp_socket`
@@ -1148,6 +1175,7 @@ Required:
Optional:
- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--pod_template--container--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--pod_template--container--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
@@ -1159,6 +1187,18 @@ Optional:
- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--pod_template--container--security_context--seccomp_profile))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--pod_template--container--security_context--windows_options))
+
+### Nested Schema for `spec.pod_template.container.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.pod_template.container.security_context.capabilities`
@@ -1188,7 +1228,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -1198,7 +1238,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -1295,8 +1335,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -1323,6 +1364,7 @@ Optional:
- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--pod_template--containers--readiness_probe))
- `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--pod_template--containers--resize_policy))
- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--pod_template--containers--resources))
+- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.
- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--pod_template--containers--security_context))
- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--pod_template--containers--startup_probe))
- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
@@ -1365,7 +1407,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -1403,7 +1445,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1423,7 +1465,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -1432,7 +1474,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -1452,6 +1494,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--pod_template--containers--lifecycle--post_start--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--pod_template--containers--lifecycle--post_start--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--pod_template--containers--lifecycle--post_start--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--pod_template--containers--lifecycle--post_start--tcp_socket))
@@ -1486,6 +1529,14 @@ Required:
+
+### Nested Schema for `spec.pod_template.containers.lifecycle.post_start.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.pod_template.containers.lifecycle.post_start.tcp_socket`
@@ -1506,6 +1557,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--pod_template--containers--lifecycle--pre_stop--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--pod_template--containers--lifecycle--pre_stop--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--pod_template--containers--lifecycle--pre_stop--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--pod_template--containers--lifecycle--pre_stop--tcp_socket))
@@ -1540,6 +1592,14 @@ Required:
+
+### Nested Schema for `spec.pod_template.containers.lifecycle.pre_stop.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.pod_template.containers.lifecycle.pre_stop.tcp_socket`
@@ -1748,6 +1808,7 @@ Required:
Optional:
- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--pod_template--containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--pod_template--containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
@@ -1759,6 +1820,18 @@ Optional:
- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--pod_template--containers--security_context--seccomp_profile))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--pod_template--containers--security_context--windows_options))
+
+### Nested Schema for `spec.pod_template.containers.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.pod_template.containers.security_context.capabilities`
@@ -1788,7 +1861,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -1798,7 +1871,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -1895,8 +1968,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -1924,10 +1998,13 @@ Optional:
### Nested Schema for `spec.pod_template.host_aliases`
+Required:
+
+- `ip` (String) IP address of the host file entry.
+
Optional:
- `hostnames` (List of String) Hostnames for the above IP address.
-- `ip` (String) IP address of the host file entry.
@@ -1935,7 +2012,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -1959,6 +2036,7 @@ Optional:
- `readiness_probe` (Attributes) Periodic probe of container service readiness. Container will be removed from service endpoints if the probe fails. Cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--readiness_probe))
- `resize_policy` (Attributes List) Resources resize policy for the container. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--resize_policy))
- `resources` (Attributes) Compute Resources required by this container. Cannot be updated. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--resources))
+- `restart_policy` (String) RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.
- `security_context` (Attributes) SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--security_context))
- `startup_probe` (Attributes) StartupProbe indicates that the Pod has successfully initialized. If specified, no other probes are executed until this completes successfully. If this probe fails, the Pod will be restarted, just as if the livenessProbe failed. This can be used to provide different probe parameters at the beginning of a Pod's lifecycle, when it might take a long time to load data or warm a cache, than during steady-state operation. This cannot be updated. More info: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle#container-probes (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--startup_probe))
- `stdin` (Boolean) Whether this container should allocate a buffer for stdin in the container runtime. If this is not set, reads from stdin in the container will always result in EOF. Default is false.
@@ -2001,7 +2079,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -2039,7 +2117,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -2059,7 +2137,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the ConfigMap must be defined
@@ -2068,7 +2146,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) Specify whether the Secret must be defined
@@ -2088,6 +2166,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--lifecycle--post_start--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--lifecycle--post_start--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--lifecycle--post_start--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--lifecycle--post_start--tcp_socket))
@@ -2122,6 +2201,14 @@ Required:
+
+### Nested Schema for `spec.pod_template.init_containers.lifecycle.post_start.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.pod_template.init_containers.lifecycle.post_start.tcp_socket`
@@ -2142,6 +2229,7 @@ Optional:
- `exec` (Attributes) Exec specifies the action to take. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--lifecycle--pre_stop--exec))
- `http_get` (Attributes) HTTPGet specifies the http request to perform. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--lifecycle--pre_stop--http_get))
+- `sleep` (Attributes) Sleep represents the duration that the container should sleep before being terminated. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--lifecycle--pre_stop--sleep))
- `tcp_socket` (Attributes) Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--lifecycle--pre_stop--tcp_socket))
@@ -2176,6 +2264,14 @@ Required:
+
+### Nested Schema for `spec.pod_template.init_containers.lifecycle.pre_stop.sleep`
+
+Required:
+
+- `seconds` (Number) Seconds is the number of seconds to sleep.
+
+
### Nested Schema for `spec.pod_template.init_containers.lifecycle.pre_stop.tcp_socket`
@@ -2384,6 +2480,7 @@ Required:
Optional:
- `allow_privilege_escalation` (Boolean) AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged 2) has CAP_SYS_ADMIN Note that this field cannot be set when spec.os.name is windows.
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--security_context--app_armor_profile))
- `capabilities` (Attributes) The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--security_context--capabilities))
- `privileged` (Boolean) Run container in privileged mode. Processes in privileged containers are essentially equivalent to root on the host. Defaults to false. Note that this field cannot be set when spec.os.name is windows.
- `proc_mount` (String) procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.
@@ -2395,6 +2492,18 @@ Optional:
- `seccomp_profile` (Attributes) The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--security_context--seccomp_profile))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options from the PodSecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--pod_template--init_containers--security_context--windows_options))
+
+### Nested Schema for `spec.pod_template.init_containers.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.pod_template.init_containers.security_context.capabilities`
@@ -2424,7 +2533,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -2434,7 +2543,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -2531,8 +2640,9 @@ Required:
Optional:
-- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.
+- `mount_propagation` (String) mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).
- `read_only` (Boolean) Mounted read-only if true, read-write otherwise (false or unspecified). Defaults to false.
+- `recursive_read_only` (String) RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.
- `sub_path` (String) Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).
- `sub_path_expr` (String) Expanded path within the volume from which the container's volume should be mounted. Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded using the container's environment. Defaults to '' (volume's root). SubPathExpr and SubPath are mutually exclusive.
@@ -2571,7 +2681,7 @@ Optional:
Optional:
- `resource_claim_name` (String) ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.
-- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.
+- `resource_claim_template_name` (String) ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.
@@ -2588,6 +2698,7 @@ Required:
Optional:
+- `app_armor_profile` (Attributes) appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--pod_template--security_context--app_armor_profile))
- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.
- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.
- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
@@ -2599,6 +2710,18 @@ Optional:
- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--pod_template--security_context--sysctls))
- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--pod_template--security_context--windows_options))
+
+### Nested Schema for `spec.pod_template.security_context.app_armor_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.
+
+
### Nested Schema for `spec.pod_template.security_context.se_linux_options`
@@ -2619,7 +2742,7 @@ Required:
Optional:
-- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
@@ -2638,7 +2761,7 @@ Optional:
- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
-- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
@@ -2668,7 +2791,7 @@ Optional:
- `label_selector` (Attributes) LabelSelector is used to find matching pods. Pods that match this label selector are counted to determine the number of pods in their corresponding topology domain. (see [below for nested schema](#nestedatt--spec--pod_template--topology_spread_constraints--label_selector))
- `match_label_keys` (List of String) MatchLabelKeys is a set of pod label keys to select the pods over which spreading will be calculated. The keys are used to lookup values from the incoming pod labels, those key-value labels are ANDed with labelSelector to select the group of existing pods over which spreading will be calculated for the incoming pod. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. MatchLabelKeys cannot be set when LabelSelector isn't set. Keys that don't exist in the incoming pod labels will be ignored. A null or empty list means only match against labelSelector. This is a beta field and requires the MatchLabelKeysInPodTopologySpread feature gate to be enabled (enabled by default).
-- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).
+- `min_domains` (Number) MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.
- `node_affinity_policy` (String) NodeAffinityPolicy indicates how we will treat Pod's nodeAffinity/nodeSelector when calculating pod topology spread skew. Options are: - Honor: only nodes matching nodeAffinity/nodeSelector are included in the calculations. - Ignore: nodeAffinity/nodeSelector are ignored. All nodes are included in the calculations. If this value is nil, the behavior is equivalent to the Honor policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
- `node_taints_policy` (String) NodeTaintsPolicy indicates how we will treat node taints when calculating pod topology spread skew. Options are: - Honor: nodes without taints, along with tainted nodes for which the incoming pod has a toleration, are included. - Ignore: node taints are ignored. All nodes are included. If this value is nil, the behavior is equivalent to the Ignore policy. This is a beta-level feature default enabled by the NodeInclusionPolicyInPodTopologySpread feature flag.
@@ -2797,7 +2920,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -2819,7 +2942,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -2830,7 +2953,7 @@ Optional:
- `default_mode` (Number) defaultMode is optional: mode bits used to set permissions on created files by default. Must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. Defaults to 0644. Directories within the path are not affected by this setting. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -2866,7 +2989,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -2887,7 +3010,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--downward_api--items--resource_field_ref))
@@ -2956,6 +3079,7 @@ Optional:
- `resources` (Attributes) resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources (see [below for nested schema](#nestedatt--spec--pod_template--volumes--ephemeral--volume_claim_template--spec--resources))
- `selector` (Attributes) selector is a label query over volumes to consider for binding. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--ephemeral--volume_claim_template--spec--selector))
- `storage_class_name` (String) storageClassName is the name of the StorageClass required by the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#class-1
+- `volume_attributes_class_name` (String) volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.
- `volume_mode` (String) volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.
- `volume_name` (String) volumeName is the binding reference to the PersistentVolume backing this claim.
@@ -2991,18 +3115,9 @@ Optional:
Optional:
-- `claims` (Attributes List) Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--ephemeral--volume_claim_template--spec--resources--claims))
- `limits` (Map of String) Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
- `requests` (Map of String) Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. Requests cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
-
-### Nested Schema for `spec.pod_template.volumes.ephemeral.volume_claim_template.spec.resources.claims`
-
-Required:
-
-- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
-
-
### Nested Schema for `spec.pod_template.volumes.ephemeral.volume_claim_template.spec.selector`
@@ -3060,7 +3175,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3150,7 +3265,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3217,18 +3332,56 @@ Optional:
Optional:
+- `cluster_trust_bundle` (Attributes) ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--cluster_trust_bundle))
- `config_map` (Attributes) configMap information about the configMap data to project (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--config_map))
- `downward_api` (Attributes) downwardAPI information about the downwardAPI data to project (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--downward_api))
- `secret` (Attributes) secret information about the secret data to project (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--secret))
- `service_account_token` (Attributes) serviceAccountToken is information about the serviceAccountToken data to project (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--service_account_token))
+
+### Nested Schema for `spec.pod_template.volumes.projected.sources.cluster_trust_bundle`
+
+Required:
+
+- `path` (String) Relative path from the volume root to write the bundle.
+
+Optional:
+
+- `label_selector` (Attributes) Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--cluster_trust_bundle--label_selector))
+- `name` (String) Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.
+- `optional` (Boolean) If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.
+- `signer_name` (String) Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.
+
+
+### Nested Schema for `spec.pod_template.volumes.projected.sources.cluster_trust_bundle.label_selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--cluster_trust_bundle--label_selector--match_expressions))
+- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.
+
+
+### Nested Schema for `spec.pod_template.volumes.projected.sources.cluster_trust_bundle.label_selector.match_expressions`
+
+Required:
+
+- `key` (String) key is the label key that the selector applies to.
+- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
+
+Optional:
+
+- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
+
+
+
+
### Nested Schema for `spec.pod_template.volumes.projected.sources.config_map`
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced ConfigMap will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the ConfigMap, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--config_map--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) optional specify whether the ConfigMap or its keys must be defined
@@ -3261,7 +3414,7 @@ Required:
Optional:
-- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name and namespace are supported. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--downward_api--items--field_ref))
+- `field_ref` (Attributes) Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--downward_api--items--field_ref))
- `mode` (Number) Optional: mode bits used to set permissions on this file, must be an octal value between 0000 and 0777 or a decimal value between 0 and 511. YAML accepts both octal and decimal values, JSON requires decimal values for mode bits. If not specified, the volume defaultMode will be used. This might be in conflict with other options that affect the file mode, like fsGroup, and the result can be other mode bits set.
- `resource_field_ref` (Attributes) Selects a resource of the container: only resources limits and requests (limits.cpu, limits.memory, requests.cpu and requests.memory) are currently supported. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--downward_api--items--resource_field_ref))
@@ -3298,7 +3451,7 @@ Optional:
Optional:
- `items` (Attributes List) items if unspecified, each key-value pair in the Data field of the referenced Secret will be projected into the volume as a file whose name is the key and content is the value. If specified, the listed keys will be projected into the specified paths, and unlisted keys will not be present. If a key is specified which is not present in the Secret, the volume setup will error unless it is marked optional. Paths must be relative and may not contain the '..' path or start with '..'. (see [below for nested schema](#nestedatt--spec--pod_template--volumes--projected--sources--secret--items))
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
- `optional` (Boolean) optional field specify whether the Secret or its key must be defined
@@ -3368,7 +3521,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3396,7 +3549,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3440,7 +3593,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3483,7 +3636,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
@@ -3511,3 +3664,33 @@ Optional:
- `api_version` (String) API version of the referent.
- `group` (String) Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086
- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.
+
+
+
+
+### Nested Schema for `spec.sources`
+
+Required:
+
+- `event_type` (String) Defines the eventType to filter the events
+
+Optional:
+
+- `ca_certs` (String) CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.
+- `ref` (Attributes) Ref points to an Addressable. (see [below for nested schema](#nestedatt--spec--sources--ref))
+- `uri` (String) URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.
+
+
+### Nested Schema for `spec.sources.ref`
+
+Required:
+
+- `kind` (String) Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+
+Optional:
+
+- `address` (String) Address points to a specific Address Name.
+- `api_version` (String) API version of the referent.
+- `group` (String) Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086
+- `namespace` (String) Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.
diff --git a/docs/data-sources/spark_stackable_tech_spark_application_v1alpha1_manifest.md b/docs/data-sources/spark_stackable_tech_spark_application_v1alpha1_manifest.md
index 28d951a66..39e79676a 100644
--- a/docs/data-sources/spark_stackable_tech_spark_application_v1alpha1_manifest.md
+++ b/docs/data-sources/spark_stackable_tech_spark_application_v1alpha1_manifest.md
@@ -92,9 +92,9 @@ Optional:
### Nested Schema for `spec.spark_image.pull_secrets`
-Optional:
+Required:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -133,16 +133,13 @@ Optional:
### Nested Schema for `spec.driver.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.driver.config.logging`
@@ -254,10 +251,10 @@ Optional:
Required:
- `key` (String) The key to select.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -292,10 +289,10 @@ Optional:
Required:
- `key` (String) The key of the secret to select from. Must be a valid secret key.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -326,16 +323,13 @@ Optional:
### Nested Schema for `spec.executor.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.executor.config.logging`
@@ -480,7 +474,7 @@ Optional:
Required:
-- `bucket` (Attributes) An S3 bucket definition, it can either be a reference to an explicit S3Bucket object, or it can be an inline definition of a bucket. Read the [S3 resources concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3) to learn more. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket))
+- `bucket` (Attributes) (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket))
- `prefix` (String)
@@ -488,13 +482,13 @@ Required:
Optional:
-- `inline` (Attributes) An inline definition, containing the S3 bucket properties. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline))
-- `reference` (String) A reference to an S3 bucket object. This is simply the name of the 'S3Bucket' resource.
+- `inline` (Attributes) S3 bucket specification containing the bucket name and an inlined or referenced connection specification. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline))
+- `reference` (String)
### Nested Schema for `spec.log_file_directory.s3.bucket.inline`
-Optional:
+Required:
- `bucket_name` (String) The name of the S3 bucket.
- `connection` (Attributes) The definition of an S3 connection, either inline or as a reference. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection))
@@ -504,19 +498,22 @@ Optional:
Optional:
-- `inline` (Attributes) Inline definition of an S3 connection. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection--inline))
-- `reference` (String) A reference to an S3Connection resource.
+- `inline` (Attributes) S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection--inline))
+- `reference` (String)
### Nested Schema for `spec.log_file_directory.s3.bucket.inline.connection.inline`
+Required:
+
+- `host` (String) Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
+
Optional:
- `access_style` (String) Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).
- `credentials` (Attributes) If the S3 uses authentication you have to specify you S3 credentials. In the most cases a [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) providing 'accessKey' and 'secretKey' is sufficient. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection--inline--credentials))
-- `host` (String) Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
- `port` (Number) Port the S3 server listens on. If not specified the product will determine the port to use.
-- `tls` (Attributes) If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection--inline--tls))
+- `tls` (Attributes) Use a TLS connection. If not specified no TLS will be used. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection--inline--tls))
### Nested Schema for `spec.log_file_directory.s3.bucket.inline.connection.inline.credentials`
@@ -534,6 +531,7 @@ Optional:
Optional:
+- `listener_volumes` (List of String) The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.
- `node` (Boolean) The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.
- `pod` (Boolean) The pod scope is resolved to the name of the Kubernetes Pod. This allows the secret to differentiate between StatefulSet replicas.
- `services` (List of String) The service scope allows Pod objects to specify custom scopes. This should typically correspond to Service objects that the Pod participates in.
@@ -585,19 +583,22 @@ Optional:
Optional:
-- `inline` (Attributes) Inline definition of an S3 connection. (see [below for nested schema](#nestedatt--spec--s3connection--inline))
-- `reference` (String) A reference to an S3Connection resource.
+- `inline` (Attributes) S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--s3connection--inline))
+- `reference` (String)
### Nested Schema for `spec.s3connection.inline`
+Required:
+
+- `host` (String) Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
+
Optional:
- `access_style` (String) Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).
- `credentials` (Attributes) If the S3 uses authentication you have to specify you S3 credentials. In the most cases a [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) providing 'accessKey' and 'secretKey' is sufficient. (see [below for nested schema](#nestedatt--spec--s3connection--inline--credentials))
-- `host` (String) Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
- `port` (Number) Port the S3 server listens on. If not specified the product will determine the port to use.
-- `tls` (Attributes) If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting. (see [below for nested schema](#nestedatt--spec--s3connection--inline--tls))
+- `tls` (Attributes) Use a TLS connection. If not specified no TLS will be used. (see [below for nested schema](#nestedatt--spec--s3connection--inline--tls))
### Nested Schema for `spec.s3connection.inline.credentials`
@@ -615,6 +616,7 @@ Optional:
Optional:
+- `listener_volumes` (List of String) The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.
- `node` (Boolean) The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.
- `pod` (Boolean) The pod scope is resolved to the name of the Kubernetes Pod. This allows the secret to differentiate between StatefulSet replicas.
- `services` (List of String) The service scope allows Pod objects to specify custom scopes. This should typically correspond to Service objects that the Pod participates in.
diff --git a/docs/data-sources/spark_stackable_tech_spark_history_server_v1alpha1_manifest.md b/docs/data-sources/spark_stackable_tech_spark_history_server_v1alpha1_manifest.md
index fa0dfb338..ac4160aee 100644
--- a/docs/data-sources/spark_stackable_tech_spark_history_server_v1alpha1_manifest.md
+++ b/docs/data-sources/spark_stackable_tech_spark_history_server_v1alpha1_manifest.md
@@ -84,9 +84,9 @@ Optional:
### Nested Schema for `spec.image.pull_secrets`
-Optional:
+Required:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -102,7 +102,7 @@ Optional:
Required:
-- `bucket` (Attributes) An S3 bucket definition, it can either be a reference to an explicit S3Bucket object, or it can be an inline definition of a bucket. Read the [S3 resources concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3) to learn more. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket))
+- `bucket` (Attributes) (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket))
- `prefix` (String)
@@ -110,13 +110,13 @@ Required:
Optional:
-- `inline` (Attributes) An inline definition, containing the S3 bucket properties. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline))
-- `reference` (String) A reference to an S3 bucket object. This is simply the name of the 'S3Bucket' resource.
+- `inline` (Attributes) S3 bucket specification containing the bucket name and an inlined or referenced connection specification. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline))
+- `reference` (String)
### Nested Schema for `spec.log_file_directory.s3.bucket.inline`
-Optional:
+Required:
- `bucket_name` (String) The name of the S3 bucket.
- `connection` (Attributes) The definition of an S3 connection, either inline or as a reference. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection))
@@ -126,19 +126,22 @@ Optional:
Optional:
-- `inline` (Attributes) Inline definition of an S3 connection. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection--inline))
-- `reference` (String) A reference to an S3Connection resource.
+- `inline` (Attributes) S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection--inline))
+- `reference` (String)
### Nested Schema for `spec.log_file_directory.s3.bucket.inline.connection.inline`
+Required:
+
+- `host` (String) Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
+
Optional:
- `access_style` (String) Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).
- `credentials` (Attributes) If the S3 uses authentication you have to specify you S3 credentials. In the most cases a [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) providing 'accessKey' and 'secretKey' is sufficient. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection--inline--credentials))
-- `host` (String) Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
- `port` (Number) Port the S3 server listens on. If not specified the product will determine the port to use.
-- `tls` (Attributes) If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection--inline--tls))
+- `tls` (Attributes) Use a TLS connection. If not specified no TLS will be used. (see [below for nested schema](#nestedatt--spec--log_file_directory--s3--bucket--inline--connection--inline--tls))
### Nested Schema for `spec.log_file_directory.s3.bucket.inline.connection.inline.credentials`
@@ -156,6 +159,7 @@ Optional:
Optional:
+- `listener_volumes` (List of String) The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.
- `node` (Boolean) The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.
- `pod` (Boolean) The pod scope is resolved to the name of the Kubernetes Pod. This allows the secret to differentiate between StatefulSet replicas.
- `services` (List of String) The service scope allows Pod objects to specify custom scopes. This should typically correspond to Service objects that the Pod participates in.
@@ -243,16 +247,13 @@ Optional:
### Nested Schema for `spec.nodes.role_groups.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.nodes.role_groups.config.logging`
@@ -349,16 +350,13 @@ Optional:
### Nested Schema for `spec.nodes.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.nodes.config.logging`
diff --git a/docs/data-sources/storage_k8s_io_volume_attachment_v1_manifest.md b/docs/data-sources/storage_k8s_io_volume_attachment_v1_manifest.md
index 25156f434..3354d2b9f 100644
--- a/docs/data-sources/storage_k8s_io_volume_attachment_v1_manifest.md
+++ b/docs/data-sources/storage_k8s_io_volume_attachment_v1_manifest.md
@@ -59,7 +59,7 @@ Required:
- `attacher` (String) attacher indicates the name of the volume driver that MUST handle this request. This is the name returned by GetPluginName().
- `node_name` (String) nodeName represents the node that the volume should be attached to.
-- `source` (Attributes) VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set. (see [below for nested schema](#nestedatt--spec--source))
+- `source` (Attributes) VolumeAttachmentSource represents a volume that should be attached. Right now only PersistentVolumes can be attached via external attacher, in the future we may allow also inline volumes in pods. Exactly one member can be set. (see [below for nested schema](#nestedatt--spec--source))
### Nested Schema for `spec.source`
diff --git a/docs/data-sources/tempo_grafana_com_tempo_stack_v1alpha1_manifest.md b/docs/data-sources/tempo_grafana_com_tempo_stack_v1alpha1_manifest.md
index cd18adc61..9f45a5b99 100644
--- a/docs/data-sources/tempo_grafana_com_tempo_stack_v1alpha1_manifest.md
+++ b/docs/data-sources/tempo_grafana_com_tempo_stack_v1alpha1_manifest.md
@@ -65,7 +65,7 @@ Optional:
- `limits` (Attributes) LimitSpec is used to limit ingestion and querying rates. (see [below for nested schema](#nestedatt--spec--limits))
- `management_state` (String) ManagementState defines if the CR should be managed by the operator or not. Default is managed.
- `observability` (Attributes) ObservabilitySpec defines how telemetry data gets handled. (see [below for nested schema](#nestedatt--spec--observability))
-- `replication_factor` (Number) ReplicationFactor is used to define how many component replicas should exist.
+- `replication_factor` (Number) The replication factor is a configuration setting that determines how many ingesters need to acknowledge the data from the distributors before accepting a span.
- `resources` (Attributes) Resources defines resources configuration. (see [below for nested schema](#nestedatt--spec--resources))
- `retention` (Attributes) Retention period defined by dataset. User can specify how long data should be stored. (see [below for nested schema](#nestedatt--spec--retention))
- `search` (Attributes) SearchSpec control the configuration for the search capabilities. (see [below for nested schema](#nestedatt--spec--search))
@@ -351,10 +351,71 @@ Optional:
Optional:
- `node_selector` (Map of String) NodeSelector defines the simple form of the node-selection constraint.
+- `pod_security_context` (Attributes) PodSecurityContext defines security context will be applied to all pods of this component. (see [below for nested schema](#nestedatt--spec--template--compactor--pod_security_context))
- `replicas` (Number) Replicas defines the number of replicas to be created for this component.
- `resources` (Attributes) Resources defines resources for this component, this will override the calculated resources derived from total (see [below for nested schema](#nestedatt--spec--template--compactor--resources))
- `tolerations` (Attributes List) Tolerations defines component-specific pod tolerations. (see [below for nested schema](#nestedatt--spec--template--compactor--tolerations))
+
+### Nested Schema for `spec.template.compactor.pod_security_context`
+
+Optional:
+
+- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.
+- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `se_linux_options` (Attributes) The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--compactor--pod_security_context--se_linux_options))
+- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--compactor--pod_security_context--seccomp_profile))
+- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.
+- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--compactor--pod_security_context--sysctls))
+- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--template--compactor--pod_security_context--windows_options))
+
+
+### Nested Schema for `spec.template.compactor.pod_security_context.se_linux_options`
+
+Optional:
+
+- `level` (String) Level is SELinux level label that applies to the container.
+- `role` (String) Role is a SELinux role label that applies to the container.
+- `type` (String) Type is a SELinux type label that applies to the container.
+- `user` (String) User is a SELinux user label that applies to the container.
+
+
+
+### Nested Schema for `spec.template.compactor.pod_security_context.seccomp_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
+
+
+
+### Nested Schema for `spec.template.compactor.pod_security_context.sysctls`
+
+Required:
+
+- `name` (String) Name of a property to set
+- `value` (String) Value of a property to set
+
+
+
+### Nested Schema for `spec.template.compactor.pod_security_context.windows_options`
+
+Optional:
+
+- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
+- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
+
+
### Nested Schema for `spec.template.compactor.resources`
@@ -400,10 +461,71 @@ Optional:
Optional:
- `node_selector` (Map of String) NodeSelector defines the simple form of the node-selection constraint.
+- `pod_security_context` (Attributes) PodSecurityContext defines security context will be applied to all pods of this component. (see [below for nested schema](#nestedatt--spec--template--distributor--component--pod_security_context))
- `replicas` (Number) Replicas defines the number of replicas to be created for this component.
- `resources` (Attributes) Resources defines resources for this component, this will override the calculated resources derived from total (see [below for nested schema](#nestedatt--spec--template--distributor--component--resources))
- `tolerations` (Attributes List) Tolerations defines component-specific pod tolerations. (see [below for nested schema](#nestedatt--spec--template--distributor--component--tolerations))
+
+### Nested Schema for `spec.template.distributor.component.pod_security_context`
+
+Optional:
+
+- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.
+- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `se_linux_options` (Attributes) The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--distributor--component--pod_security_context--se_linux_options))
+- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--distributor--component--pod_security_context--seccomp_profile))
+- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.
+- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--distributor--component--pod_security_context--sysctls))
+- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--template--distributor--component--pod_security_context--windows_options))
+
+
+### Nested Schema for `spec.template.distributor.component.pod_security_context.se_linux_options`
+
+Optional:
+
+- `level` (String) Level is SELinux level label that applies to the container.
+- `role` (String) Role is a SELinux role label that applies to the container.
+- `type` (String) Type is a SELinux type label that applies to the container.
+- `user` (String) User is a SELinux user label that applies to the container.
+
+
+
+### Nested Schema for `spec.template.distributor.component.pod_security_context.seccomp_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
+
+
+
+### Nested Schema for `spec.template.distributor.component.pod_security_context.sysctls`
+
+Required:
+
+- `name` (String) Name of a property to set
+- `value` (String) Value of a property to set
+
+
+
+### Nested Schema for `spec.template.distributor.component.pod_security_context.windows_options`
+
+Optional:
+
+- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
+- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
+
+
### Nested Schema for `spec.template.distributor.component.resources`
@@ -465,10 +587,71 @@ Optional:
Optional:
- `node_selector` (Map of String) NodeSelector defines the simple form of the node-selection constraint.
+- `pod_security_context` (Attributes) PodSecurityContext defines security context will be applied to all pods of this component. (see [below for nested schema](#nestedatt--spec--template--gateway--component--pod_security_context))
- `replicas` (Number) Replicas defines the number of replicas to be created for this component.
- `resources` (Attributes) Resources defines resources for this component, this will override the calculated resources derived from total (see [below for nested schema](#nestedatt--spec--template--gateway--component--resources))
- `tolerations` (Attributes List) Tolerations defines component-specific pod tolerations. (see [below for nested schema](#nestedatt--spec--template--gateway--component--tolerations))
+
+### Nested Schema for `spec.template.gateway.component.pod_security_context`
+
+Optional:
+
+- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.
+- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `se_linux_options` (Attributes) The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--gateway--component--pod_security_context--se_linux_options))
+- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--gateway--component--pod_security_context--seccomp_profile))
+- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.
+- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--gateway--component--pod_security_context--sysctls))
+- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--template--gateway--component--pod_security_context--windows_options))
+
+
+### Nested Schema for `spec.template.gateway.component.pod_security_context.se_linux_options`
+
+Optional:
+
+- `level` (String) Level is SELinux level label that applies to the container.
+- `role` (String) Role is a SELinux role label that applies to the container.
+- `type` (String) Type is a SELinux type label that applies to the container.
+- `user` (String) User is a SELinux user label that applies to the container.
+
+
+
+### Nested Schema for `spec.template.gateway.component.pod_security_context.seccomp_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
+
+
+
+### Nested Schema for `spec.template.gateway.component.pod_security_context.sysctls`
+
+Required:
+
+- `name` (String) Name of a property to set
+- `value` (String) Value of a property to set
+
+
+
+### Nested Schema for `spec.template.gateway.component.pod_security_context.windows_options`
+
+Optional:
+
+- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
+- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
+
+
### Nested Schema for `spec.template.gateway.component.resources`
@@ -527,10 +710,71 @@ Optional:
Optional:
- `node_selector` (Map of String) NodeSelector defines the simple form of the node-selection constraint.
+- `pod_security_context` (Attributes) PodSecurityContext defines security context will be applied to all pods of this component. (see [below for nested schema](#nestedatt--spec--template--ingester--pod_security_context))
- `replicas` (Number) Replicas defines the number of replicas to be created for this component.
- `resources` (Attributes) Resources defines resources for this component, this will override the calculated resources derived from total (see [below for nested schema](#nestedatt--spec--template--ingester--resources))
- `tolerations` (Attributes List) Tolerations defines component-specific pod tolerations. (see [below for nested schema](#nestedatt--spec--template--ingester--tolerations))
+
+### Nested Schema for `spec.template.ingester.pod_security_context`
+
+Optional:
+
+- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.
+- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `se_linux_options` (Attributes) The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--ingester--pod_security_context--se_linux_options))
+- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--ingester--pod_security_context--seccomp_profile))
+- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.
+- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--ingester--pod_security_context--sysctls))
+- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--template--ingester--pod_security_context--windows_options))
+
+
+### Nested Schema for `spec.template.ingester.pod_security_context.se_linux_options`
+
+Optional:
+
+- `level` (String) Level is SELinux level label that applies to the container.
+- `role` (String) Role is a SELinux role label that applies to the container.
+- `type` (String) Type is a SELinux type label that applies to the container.
+- `user` (String) User is a SELinux user label that applies to the container.
+
+
+
+### Nested Schema for `spec.template.ingester.pod_security_context.seccomp_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
+
+
+
+### Nested Schema for `spec.template.ingester.pod_security_context.sysctls`
+
+Required:
+
+- `name` (String) Name of a property to set
+- `value` (String) Value of a property to set
+
+
+
+### Nested Schema for `spec.template.ingester.pod_security_context.windows_options`
+
+Optional:
+
+- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
+- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
+
+
### Nested Schema for `spec.template.ingester.resources`
@@ -568,10 +812,71 @@ Optional:
Optional:
- `node_selector` (Map of String) NodeSelector defines the simple form of the node-selection constraint.
+- `pod_security_context` (Attributes) PodSecurityContext defines security context will be applied to all pods of this component. (see [below for nested schema](#nestedatt--spec--template--querier--pod_security_context))
- `replicas` (Number) Replicas defines the number of replicas to be created for this component.
- `resources` (Attributes) Resources defines resources for this component, this will override the calculated resources derived from total (see [below for nested schema](#nestedatt--spec--template--querier--resources))
- `tolerations` (Attributes List) Tolerations defines component-specific pod tolerations. (see [below for nested schema](#nestedatt--spec--template--querier--tolerations))
+
+### Nested Schema for `spec.template.querier.pod_security_context`
+
+Optional:
+
+- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.
+- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `se_linux_options` (Attributes) The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--querier--pod_security_context--se_linux_options))
+- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--querier--pod_security_context--seccomp_profile))
+- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.
+- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--querier--pod_security_context--sysctls))
+- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--template--querier--pod_security_context--windows_options))
+
+
+### Nested Schema for `spec.template.querier.pod_security_context.se_linux_options`
+
+Optional:
+
+- `level` (String) Level is SELinux level label that applies to the container.
+- `role` (String) Role is a SELinux role label that applies to the container.
+- `type` (String) Type is a SELinux type label that applies to the container.
+- `user` (String) User is a SELinux user label that applies to the container.
+
+
+
+### Nested Schema for `spec.template.querier.pod_security_context.seccomp_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
+
+
+
+### Nested Schema for `spec.template.querier.pod_security_context.sysctls`
+
+Required:
+
+- `name` (String) Name of a property to set
+- `value` (String) Value of a property to set
+
+
+
+### Nested Schema for `spec.template.querier.pod_security_context.windows_options`
+
+Optional:
+
+- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
+- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
+
+
### Nested Schema for `spec.template.querier.resources`
@@ -617,10 +922,71 @@ Optional:
Optional:
- `node_selector` (Map of String) NodeSelector defines the simple form of the node-selection constraint.
+- `pod_security_context` (Attributes) PodSecurityContext defines security context will be applied to all pods of this component. (see [below for nested schema](#nestedatt--spec--template--query_frontend--component--pod_security_context))
- `replicas` (Number) Replicas defines the number of replicas to be created for this component.
- `resources` (Attributes) Resources defines resources for this component, this will override the calculated resources derived from total (see [below for nested schema](#nestedatt--spec--template--query_frontend--component--resources))
- `tolerations` (Attributes List) Tolerations defines component-specific pod tolerations. (see [below for nested schema](#nestedatt--spec--template--query_frontend--component--tolerations))
+
+### Nested Schema for `spec.template.query_frontend.component.pod_security_context`
+
+Optional:
+
+- `fs_group` (Number) A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.
+- `fs_group_change_policy` (String) fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_group` (Number) The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `run_as_non_root` (Boolean) Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+- `run_as_user` (Number) The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.
+- `se_linux_options` (Attributes) The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--query_frontend--component--pod_security_context--se_linux_options))
+- `seccomp_profile` (Attributes) The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--query_frontend--component--pod_security_context--seccomp_profile))
+- `supplemental_groups` (List of String) A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.
+- `sysctls` (Attributes List) Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows. (see [below for nested schema](#nestedatt--spec--template--query_frontend--component--pod_security_context--sysctls))
+- `windows_options` (Attributes) The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux. (see [below for nested schema](#nestedatt--spec--template--query_frontend--component--pod_security_context--windows_options))
+
+
+### Nested Schema for `spec.template.query_frontend.component.pod_security_context.se_linux_options`
+
+Optional:
+
+- `level` (String) Level is SELinux level label that applies to the container.
+- `role` (String) Role is a SELinux role label that applies to the container.
+- `type` (String) Type is a SELinux type label that applies to the container.
+- `user` (String) User is a SELinux user label that applies to the container.
+
+
+
+### Nested Schema for `spec.template.query_frontend.component.pod_security_context.seccomp_profile`
+
+Required:
+
+- `type` (String) type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.
+
+Optional:
+
+- `localhost_profile` (String) localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.
+
+
+
+### Nested Schema for `spec.template.query_frontend.component.pod_security_context.sysctls`
+
+Required:
+
+- `name` (String) Name of a property to set
+- `value` (String) Value of a property to set
+
+
+
+### Nested Schema for `spec.template.query_frontend.component.pod_security_context.windows_options`
+
+Optional:
+
+- `gmsa_credential_spec` (String) GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.
+- `gmsa_credential_spec_name` (String) GMSACredentialSpecName is the name of the GMSA credential spec to use.
+- `host_process` (Boolean) HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.
+- `run_as_user_name` (String) The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.
+
+
+
### Nested Schema for `spec.template.query_frontend.component.resources`
diff --git a/docs/data-sources/temporal_io_temporal_cluster_v1beta1_manifest.md b/docs/data-sources/temporal_io_temporal_cluster_v1beta1_manifest.md
index d93cf94d1..fa937f887 100644
--- a/docs/data-sources/temporal_io_temporal_cluster_v1beta1_manifest.md
+++ b/docs/data-sources/temporal_io_temporal_cluster_v1beta1_manifest.md
@@ -797,6 +797,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -858,7 +862,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -894,7 +898,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -907,7 +911,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -966,7 +970,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -985,6 +989,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -1101,19 +1109,19 @@ Optional:
Required:
-- `selector` (Attributes) Label selector to select the Kubernetes 'Endpoints' objects. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--selector))
+- `endpoints` (Attributes List) List of endpoints part of this ServiceMonitor. Defines how to scrape metrics from Kubernetes [Endpoints](https://kubernetes.io/docs/concepts/services-networking/service/#endpoints) objects. In most cases, an Endpoints object is backed by a Kubernetes [Service](https://kubernetes.io/docs/concepts/services-networking/service/) object with the same name and labels. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--endpoints))
+- `selector` (Attributes) Label selector to select the Kubernetes 'Endpoints' objects to scrape metrics from. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--selector))
Optional:
- `attach_metadata` (Attributes) 'attachMetadata' defines additional metadata which is added to the discovered targets. It requires Prometheus >= v2.37.0. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--attach_metadata))
- `body_size_limit` (String) When defined, bodySizeLimit specifies a job level limit on the size of uncompressed response body that will be accepted by Prometheus. It requires Prometheus >= v2.28.0.
-- `endpoints` (Attributes List) List of endpoints part of this ServiceMonitor. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--endpoints))
- `job_label` (String) 'jobLabel' selects the label from the associated Kubernetes 'Service' object which will be used as the 'job' label for all metrics. For example if 'jobLabel' is set to 'foo' and the Kubernetes 'Service' object is labeled with 'foo: bar', then Prometheus adds the 'job='bar'' label to all ingested metrics. If the value of this field is empty or if the label doesn't exist for the given Service, the 'job' label of the metrics defaults to the name of the associated Kubernetes 'Service'.
- `keep_dropped_targets` (Number) Per-scrape limit on the number of targets dropped by relabeling that will be kept in memory. 0 means no limit. It requires Prometheus >= v2.47.0.
- `label_limit` (Number) Per-scrape limit on number of labels that will be accepted for a sample. It requires Prometheus >= v2.27.0.
- `label_name_length_limit` (Number) Per-scrape limit on length of labels name that will be accepted for a sample. It requires Prometheus >= v2.27.0.
- `label_value_length_limit` (Number) Per-scrape limit on length of labels value that will be accepted for a sample. It requires Prometheus >= v2.27.0.
-- `namespace_selector` (Attributes) Selector to select which namespaces the Kubernetes 'Endpoints' objects are discovered from. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--namespace_selector))
+- `namespace_selector` (Attributes) 'namespaceSelector' defines in which namespace(s) Prometheus should discover the services. By default, the services are discovered in the same namespace as the 'ServiceMonitor' object but it is possible to select pods across different/all namespaces. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--namespace_selector))
- `pod_target_labels` (List of String) 'podTargetLabels' defines the labels which are transferred from the associated Kubernetes 'Pod' object onto the ingested metrics.
- `sample_limit` (Number) 'sampleLimit' defines a per-scrape limit on the number of scraped samples that will be accepted.
- `scrape_class` (String) The scrape class to apply.
@@ -1121,36 +1129,6 @@ Optional:
- `target_labels` (List of String) 'targetLabels' defines the labels which are transferred from the associated Kubernetes 'Service' object onto the ingested metrics.
- `target_limit` (Number) 'targetLimit' defines a limit on the number of scraped targets that will be accepted.
-
-### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.selector`
-
-Optional:
-
-- `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--selector--match_expressions))
-- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.
-
-
-### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.selector.match_expressions`
-
-Required:
-
-- `key` (String) key is the label key that the selector applies to.
-- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
-
-Optional:
-
-- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
-
-
-
-
-### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.attach_metadata`
-
-Optional:
-
-- `node` (Boolean) When set to true, Prometheus must have the 'get' permission on the 'Nodes' objects.
-
-
### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.endpoints`
@@ -1196,7 +1174,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1218,7 +1196,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1231,7 +1209,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1245,7 +1223,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1275,7 +1253,12 @@ Required:
Optional:
- `endpoint_params` (Map of String) 'endpointParams' configures the HTTP parameters to append to the token URL.
+- `no_proxy` (String) 'noProxy' is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.
+- `proxy_connect_header` (Map of String) ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.
+- `proxy_from_environment` (Boolean) Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.
+- `proxy_url` (String) 'proxyURL' defines the HTTP proxy server to use.
- `scopes` (List of String) 'scopes' defines the OAuth2 scopes used for the token request.
+- `tls_config` (Attributes) TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--endpoints--oauth2--tls_config))
### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.endpoints.oauth2.client_id`
@@ -1294,7 +1277,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -1307,7 +1290,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1321,10 +1304,107 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
+
+### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.endpoints.oauth2.tls_config`
+
+Optional:
+
+- `ca` (Attributes) Certificate authority used when verifying server certificates. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--endpoints--oauth2--tls_config--ca))
+- `cert` (Attributes) Client certificate to present when doing client-authentication. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--endpoints--oauth2--tls_config--cert))
+- `insecure_skip_verify` (Boolean) Disable target certificate validation.
+- `key_secret` (Attributes) Secret containing the client key file for the targets. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--endpoints--oauth2--tls_config--key_secret))
+- `max_version` (String) Maximum acceptable TLS version. It requires Prometheus >= v2.41.0.
+- `min_version` (String) Minimum acceptable TLS version. It requires Prometheus >= v2.35.0.
+- `server_name` (String) Used to verify the hostname for the targets.
+
+
+### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.endpoints.oauth2.tls_config.ca`
+
+Optional:
+
+- `config_map` (Attributes) ConfigMap containing data to use for the targets. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--endpoints--oauth2--tls_config--ca--config_map))
+- `secret` (Attributes) Secret containing data to use for the targets. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--endpoints--oauth2--tls_config--ca--secret))
+
+
+### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.endpoints.oauth2.tls_config.ca.config_map`
+
+Required:
+
+- `key` (String) The key to select.
+
+Optional:
+
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
+
+
+
+### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.endpoints.oauth2.tls_config.ca.secret`
+
+Required:
+
+- `key` (String) The key of the secret to select from. Must be a valid secret key.
+
+Optional:
+
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+- `optional` (Boolean) Specify whether the Secret or its key must be defined
+
+
+
+
+### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.endpoints.oauth2.tls_config.cert`
+
+Optional:
+
+- `config_map` (Attributes) ConfigMap containing data to use for the targets. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--endpoints--oauth2--tls_config--cert--config_map))
+- `secret` (Attributes) Secret containing data to use for the targets. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--endpoints--oauth2--tls_config--cert--secret))
+
+
+### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.endpoints.oauth2.tls_config.cert.config_map`
+
+Required:
+
+- `key` (String) The key to select.
+
+Optional:
+
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
+
+
+
+### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.endpoints.oauth2.tls_config.cert.secret`
+
+Required:
+
+- `key` (String) The key of the secret to select from. Must be a valid secret key.
+
+Optional:
+
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+- `optional` (Boolean) Specify whether the Secret or its key must be defined
+
+
+
+
+### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.endpoints.oauth2.tls_config.key_secret`
+
+Required:
+
+- `key` (String) The key of the secret to select from. Must be a valid secret key.
+
+Optional:
+
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+- `optional` (Boolean) Specify whether the Secret or its key must be defined
+
+
+
### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.endpoints.relabelings`
@@ -1352,6 +1432,8 @@ Optional:
- `insecure_skip_verify` (Boolean) Disable target certificate validation.
- `key_file` (String) Path to the client key file in the Prometheus container for the targets.
- `key_secret` (Attributes) Secret containing the client key file for the targets. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--endpoints--tls_config--key_secret))
+- `max_version` (String) Maximum acceptable TLS version. It requires Prometheus >= v2.41.0.
+- `min_version` (String) Minimum acceptable TLS version. It requires Prometheus >= v2.35.0.
- `server_name` (String) Used to verify the hostname for the targets.
@@ -1371,7 +1453,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -1384,7 +1466,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1406,7 +1488,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -1419,7 +1501,7 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -1433,12 +1515,42 @@ Required:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
+
+### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.selector`
+
+Optional:
+
+- `match_expressions` (Attributes List) matchExpressions is a list of label selector requirements. The requirements are ANDed. (see [below for nested schema](#nestedatt--spec--metrics--prometheus--scrape_config--service_monitor--override--selector--match_expressions))
+- `match_labels` (Map of String) matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.
+
+
+### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.selector.match_expressions`
+
+Required:
+
+- `key` (String) key is the label key that the selector applies to.
+- `operator` (String) operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.
+
+Optional:
+
+- `values` (List of String) values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.
+
+
+
+
+### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.attach_metadata`
+
+Optional:
+
+- `node` (Boolean) When set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the 'list' and 'watch' permissions on the 'Nodes' objects.
+
+
### Nested Schema for `spec.metrics.prometheus.scrape_config.service_monitor.override.namespace_selector`
@@ -1546,6 +1658,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -1630,6 +1746,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -1715,6 +1835,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -1799,6 +1923,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -1935,6 +2063,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
@@ -2044,6 +2176,10 @@ Required:
- `name` (String) Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.
+Optional:
+
+- `request` (String) Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.
+
diff --git a/docs/data-sources/tinkerbell_org_hardware_v1alpha2_manifest.md b/docs/data-sources/tinkerbell_org_hardware_v1alpha2_manifest.md
index be5de4dc7..03cb0cccb 100644
--- a/docs/data-sources/tinkerbell_org_hardware_v1alpha2_manifest.md
+++ b/docs/data-sources/tinkerbell_org_hardware_v1alpha2_manifest.md
@@ -68,7 +68,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -119,4 +119,4 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
diff --git a/docs/data-sources/tinkerbell_org_workflow_v1alpha1_manifest.md b/docs/data-sources/tinkerbell_org_workflow_v1alpha1_manifest.md
index 5575d343c..924a0ce40 100644
--- a/docs/data-sources/tinkerbell_org_workflow_v1alpha1_manifest.md
+++ b/docs/data-sources/tinkerbell_org_workflow_v1alpha1_manifest.md
@@ -55,6 +55,15 @@ Optional:
Optional:
-- `hardware_map` (Map of String) A mapping of template devices to hadware mac addresses
+- `boot_options` (Attributes) BootOptions are options that control the booting of Hardware. (see [below for nested schema](#nestedatt--spec--boot_options))
+- `hardware_map` (Map of String) A mapping of template devices to hadware mac addresses.
- `hardware_ref` (String) Name of the Hardware associated with this workflow.
- `template_ref` (String) Name of the Template associated with this workflow.
+
+
+### Nested Schema for `spec.boot_options`
+
+Optional:
+
+- `one_time_netboot` (Boolean) OneTimeNetboot indicates whether the controller should create a job.bmc.tinkerbell.org object for getting the associated hardware into a netbooting state. A HardwareRef that contains a spec.BmcRef must be provided.
+- `toggle_allow_netboot` (Boolean) ToggleAllowNetboot indicates whether the controller should toggle the field in the associated hardware for allowing PXE booting. This will be enabled before a Workflow is executed and disabled after the Workflow has completed successfully. A HardwareRef must be provided.
diff --git a/docs/data-sources/tinkerbell_org_workflow_v1alpha2_manifest.md b/docs/data-sources/tinkerbell_org_workflow_v1alpha2_manifest.md
index 58317b212..08747c8e9 100644
--- a/docs/data-sources/tinkerbell_org_workflow_v1alpha2_manifest.md
+++ b/docs/data-sources/tinkerbell_org_workflow_v1alpha2_manifest.md
@@ -65,7 +65,7 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -73,4 +73,4 @@ Optional:
Optional:
-- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
diff --git a/docs/data-sources/traefik_io_ingress_route_tcp_v1alpha1_manifest.md b/docs/data-sources/traefik_io_ingress_route_tcp_v1alpha1_manifest.md
index d40dd8f62..eaf8aff01 100644
--- a/docs/data-sources/traefik_io_ingress_route_tcp_v1alpha1_manifest.md
+++ b/docs/data-sources/traefik_io_ingress_route_tcp_v1alpha1_manifest.md
@@ -59,22 +59,22 @@ Required:
Optional:
-- `entry_points` (List of String) EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/ Default: all.
-- `tls` (Attributes) TLS defines the TLS configuration on a layer 4 / TCP Route. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1 (see [below for nested schema](#nestedatt--spec--tls))
+- `entry_points` (List of String) EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ Default: all.
+- `tls` (Attributes) TLS defines the TLS configuration on a layer 4 / TCP Route. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1 (see [below for nested schema](#nestedatt--spec--tls))
### Nested Schema for `spec.routes`
Required:
-- `match` (String) Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule_1
+- `match` (String) Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule_1
Optional:
- `middlewares` (Attributes List) Middlewares defines the list of references to MiddlewareTCP resources. (see [below for nested schema](#nestedatt--spec--routes--middlewares))
-- `priority` (Number) Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority_1
+- `priority` (Number) Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority_1
- `services` (Attributes List) Services defines the list of TCP services. (see [below for nested schema](#nestedatt--spec--routes--services))
-- `syntax` (String) Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax_1
+- `syntax` (String) Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax_1
### Nested Schema for `spec.routes.middlewares`
@@ -101,7 +101,7 @@ Optional:
- `namespace` (String) Namespace defines the namespace of the referenced Kubernetes Service.
- `native_lb` (Boolean) NativeLB controls, when creating the load-balancer, whether the LB's children are directly the pods IPs or if the only child is the Kubernetes Service clusterIP. The Kubernetes Service itself does load-balance to the pods. By default, NativeLB is false.
- `node_port_lb` (Boolean) NodePortLB controls, when creating the load-balancer, whether the LB's children are directly the nodes internal IPs using the nodePort when the service type is NodePort. It allows services to be reachable when Traefik runs externally from the Kubernetes cluster but within the same network of the nodes. By default, NodePortLB is false.
-- `proxy_protocol` (Attributes) ProxyProtocol defines the PROXY protocol configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol (see [below for nested schema](#nestedatt--spec--routes--services--proxy_protocol))
+- `proxy_protocol` (Attributes) ProxyProtocol defines the PROXY protocol configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol (see [below for nested schema](#nestedatt--spec--routes--services--proxy_protocol))
- `servers_transport` (String) ServersTransport defines the name of ServersTransportTCP resource to use. It allows to configure the transport between Traefik and your servers. Can only be used on a Kubernetes Service.
- `termination_delay` (Number) TerminationDelay defines the deadline that the proxy sets, after one of its connected peers indicates it has closed the writing capability of its connection, to close the reading capability as well, hence fully terminating the connection. It is a duration in milliseconds, defaulting to 100. A negative value means an infinite deadline (i.e. the reading capability is never closed). Deprecated: TerminationDelay will not be supported in future APIVersions, please use ServersTransport to configure the TerminationDelay instead.
- `tls` (Boolean) TLS determines whether to use TLS when dialing with the backend.
@@ -122,9 +122,9 @@ Optional:
Optional:
-- `cert_resolver` (String) CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
-- `domains` (Attributes List) Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains (see [below for nested schema](#nestedatt--spec--tls--domains))
-- `options` (Attributes) Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options (see [below for nested schema](#nestedatt--spec--tls--options))
+- `cert_resolver` (String) CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers
+- `domains` (Attributes List) Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains (see [below for nested schema](#nestedatt--spec--tls--domains))
+- `options` (Attributes) Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options (see [below for nested schema](#nestedatt--spec--tls--options))
- `passthrough` (Boolean) Passthrough defines whether a TLS router will terminate the TLS connection.
- `secret_name` (String) SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
- `store` (Attributes) Store defines the reference to the TLSStore, that will be used to store certificates. Please note that only 'default' TLSStore can be used. (see [below for nested schema](#nestedatt--spec--tls--store))
diff --git a/docs/data-sources/traefik_io_ingress_route_udp_v1alpha1_manifest.md b/docs/data-sources/traefik_io_ingress_route_udp_v1alpha1_manifest.md
index 8153d254c..dff225281 100644
--- a/docs/data-sources/traefik_io_ingress_route_udp_v1alpha1_manifest.md
+++ b/docs/data-sources/traefik_io_ingress_route_udp_v1alpha1_manifest.md
@@ -59,7 +59,7 @@ Required:
Optional:
-- `entry_points` (List of String) EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/ Default: all.
+- `entry_points` (List of String) EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ Default: all.
### Nested Schema for `spec.routes`
diff --git a/docs/data-sources/traefik_io_ingress_route_v1alpha1_manifest.md b/docs/data-sources/traefik_io_ingress_route_v1alpha1_manifest.md
index 8d8b5fce0..f16d5975e 100644
--- a/docs/data-sources/traefik_io_ingress_route_v1alpha1_manifest.md
+++ b/docs/data-sources/traefik_io_ingress_route_v1alpha1_manifest.md
@@ -59,8 +59,8 @@ Required:
Optional:
-- `entry_points` (List of String) EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/ Default: all.
-- `tls` (Attributes) TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls (see [below for nested schema](#nestedatt--spec--tls))
+- `entry_points` (List of String) EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ Default: all.
+- `tls` (Attributes) TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls (see [below for nested schema](#nestedatt--spec--tls))
### Nested Schema for `spec.routes`
@@ -68,14 +68,14 @@ Optional:
Required:
- `kind` (String) Kind defines the kind of the route. Rule is the only supported kind.
-- `match` (String) Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule
+- `match` (String) Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule
Optional:
-- `middlewares` (Attributes List) Middlewares defines the list of references to Middleware resources. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-middleware (see [below for nested schema](#nestedatt--spec--routes--middlewares))
-- `priority` (Number) Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority
+- `middlewares` (Attributes List) Middlewares defines the list of references to Middleware resources. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-middleware (see [below for nested schema](#nestedatt--spec--routes--middlewares))
+- `priority` (Number) Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority
- `services` (Attributes List) Services defines the list of Service. It can contain any combination of TraefikService and/or reference to a Kubernetes Service. (see [below for nested schema](#nestedatt--spec--routes--services))
-- `syntax` (String) Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax
+- `syntax` (String) Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax
### Nested Schema for `spec.routes.middlewares`
@@ -108,7 +108,7 @@ Optional:
- `response_forwarding` (Attributes) ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. (see [below for nested schema](#nestedatt--spec--routes--services--response_forwarding))
- `scheme` (String) Scheme defines the scheme to use for the request to the upstream Kubernetes Service. It defaults to https when Kubernetes Service port is 443, http otherwise.
- `servers_transport` (String) ServersTransport defines the name of ServersTransport resource to use. It allows to configure the transport between Traefik and your servers. Can only be used on a Kubernetes Service.
-- `sticky` (Attributes) Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions (see [below for nested schema](#nestedatt--spec--routes--services--sticky))
+- `sticky` (Attributes) Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions (see [below for nested schema](#nestedatt--spec--routes--services--sticky))
- `strategy` (String) Strategy defines the load balancing strategy between the servers. RoundRobin is the only supported value at the moment.
- `weight` (Number) Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin).
@@ -165,9 +165,9 @@ Optional:
Optional:
-- `cert_resolver` (String) CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers
-- `domains` (Attributes List) Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains (see [below for nested schema](#nestedatt--spec--tls--domains))
-- `options` (Attributes) Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options (see [below for nested schema](#nestedatt--spec--tls--options))
+- `cert_resolver` (String) CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers
+- `domains` (Attributes List) Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains (see [below for nested schema](#nestedatt--spec--tls--domains))
+- `options` (Attributes) Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options (see [below for nested schema](#nestedatt--spec--tls--options))
- `secret_name` (String) SecretName is the name of the referenced Kubernetes Secret to specify the certificate details.
- `store` (Attributes) Store defines the reference to the TLSStore, that will be used to store certificates. Please note that only 'default' TLSStore can be used. (see [below for nested schema](#nestedatt--spec--tls--store))
@@ -185,11 +185,11 @@ Optional:
Required:
-- `name` (String) Name defines the name of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
+- `name` (String) Name defines the name of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption
Optional:
-- `namespace` (String) Namespace defines the namespace of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption
+- `namespace` (String) Namespace defines the namespace of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption
@@ -197,8 +197,8 @@ Optional:
Required:
-- `name` (String) Name defines the name of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
+- `name` (String) Name defines the name of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore
Optional:
-- `namespace` (String) Namespace defines the namespace of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore
+- `namespace` (String) Namespace defines the namespace of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore
diff --git a/docs/data-sources/traefik_io_middleware_tcp_v1alpha1_manifest.md b/docs/data-sources/traefik_io_middleware_tcp_v1alpha1_manifest.md
index db611f906..d3474e20d 100644
--- a/docs/data-sources/traefik_io_middleware_tcp_v1alpha1_manifest.md
+++ b/docs/data-sources/traefik_io_middleware_tcp_v1alpha1_manifest.md
@@ -3,12 +3,12 @@
page_title: "k8s_traefik_io_middleware_tcp_v1alpha1_manifest Data Source - terraform-provider-k8s"
subcategory: "traefik.io"
description: |-
- MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/
+ MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. More info: https://doc.traefik.io/traefik/v3.2/middlewares/overview/
---
# k8s_traefik_io_middleware_tcp_v1alpha1_manifest (Data Source)
-MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/
+MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. More info: https://doc.traefik.io/traefik/v3.2/middlewares/overview/
## Example Usage
@@ -56,8 +56,8 @@ Optional:
Optional:
- `in_flight_conn` (Attributes) InFlightConn defines the InFlightConn middleware configuration. (see [below for nested schema](#nestedatt--spec--in_flight_conn))
-- `ip_allow_list` (Attributes) IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/ (see [below for nested schema](#nestedatt--spec--ip_allow_list))
-- `ip_white_list` (Attributes) IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipwhitelist/ (see [below for nested schema](#nestedatt--spec--ip_white_list))
+- `ip_allow_list` (Attributes) IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/ (see [below for nested schema](#nestedatt--spec--ip_allow_list))
+- `ip_white_list` (Attributes) IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipwhitelist/ (see [below for nested schema](#nestedatt--spec--ip_white_list))
### Nested Schema for `spec.in_flight_conn`
diff --git a/docs/data-sources/traefik_io_middleware_v1alpha1_manifest.md b/docs/data-sources/traefik_io_middleware_v1alpha1_manifest.md
index 979d3d9cf..518eaa5bd 100644
--- a/docs/data-sources/traefik_io_middleware_v1alpha1_manifest.md
+++ b/docs/data-sources/traefik_io_middleware_v1alpha1_manifest.md
@@ -3,12 +3,12 @@
page_title: "k8s_traefik_io_middleware_v1alpha1_manifest Data Source - terraform-provider-k8s"
subcategory: "traefik.io"
description: |-
- Middleware is the CRD implementation of a Traefik Middleware. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/
+ Middleware is the CRD implementation of a Traefik Middleware. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/overview/
---
# k8s_traefik_io_middleware_v1alpha1_manifest (Data Source)
-Middleware is the CRD implementation of a Traefik Middleware. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/
+Middleware is the CRD implementation of a Traefik Middleware. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/overview/
## Example Usage
@@ -55,31 +55,31 @@ Optional:
Optional:
-- `add_prefix` (Attributes) AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding it. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/addprefix/ (see [below for nested schema](#nestedatt--spec--add_prefix))
-- `basic_auth` (Attributes) BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/ (see [below for nested schema](#nestedatt--spec--basic_auth))
-- `buffering` (Attributes) Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can be forwarded to backends. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#maxrequestbodybytes (see [below for nested schema](#nestedatt--spec--buffering))
-- `chain` (Attributes) Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other pieces of middleware. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/chain/ (see [below for nested schema](#nestedatt--spec--chain))
+- `add_prefix` (Attributes) AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding it. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/addprefix/ (see [below for nested schema](#nestedatt--spec--add_prefix))
+- `basic_auth` (Attributes) BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/ (see [below for nested schema](#nestedatt--spec--basic_auth))
+- `buffering` (Attributes) Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can be forwarded to backends. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#maxrequestbodybytes (see [below for nested schema](#nestedatt--spec--buffering))
+- `chain` (Attributes) Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other pieces of middleware. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/chain/ (see [below for nested schema](#nestedatt--spec--chain))
- `circuit_breaker` (Attributes) CircuitBreaker holds the circuit breaker configuration. (see [below for nested schema](#nestedatt--spec--circuit_breaker))
-- `compress` (Attributes) Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/ (see [below for nested schema](#nestedatt--spec--compress))
+- `compress` (Attributes) Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/compress/ (see [below for nested schema](#nestedatt--spec--compress))
- `content_type` (Attributes) ContentType holds the content-type middleware configuration. This middleware exists to enable the correct behavior until at least the default one can be changed in a future version. (see [below for nested schema](#nestedatt--spec--content_type))
-- `digest_auth` (Attributes) DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/ (see [below for nested schema](#nestedatt--spec--digest_auth))
-- `errors` (Attributes) ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/ (see [below for nested schema](#nestedatt--spec--errors))
-- `forward_auth` (Attributes) ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/ (see [below for nested schema](#nestedatt--spec--forward_auth))
+- `digest_auth` (Attributes) DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/digestauth/ (see [below for nested schema](#nestedatt--spec--digest_auth))
+- `errors` (Attributes) ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/ (see [below for nested schema](#nestedatt--spec--errors))
+- `forward_auth` (Attributes) ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/ (see [below for nested schema](#nestedatt--spec--forward_auth))
- `grpc_web` (Attributes) GrpcWeb holds the gRPC web middleware configuration. This middleware converts a gRPC web request to an HTTP/2 gRPC request. (see [below for nested schema](#nestedatt--spec--grpc_web))
-- `headers` (Attributes) Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/headers/#customrequestheaders (see [below for nested schema](#nestedatt--spec--headers))
-- `in_flight_req` (Attributes) InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and served concurrently. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/ (see [below for nested schema](#nestedatt--spec--in_flight_req))
-- `ip_allow_list` (Attributes) IPAllowList holds the IP allowlist middleware configuration. This middleware limits allowed requests based on the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/ (see [below for nested schema](#nestedatt--spec--ip_allow_list))
+- `headers` (Attributes) Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/headers/#customrequestheaders (see [below for nested schema](#nestedatt--spec--headers))
+- `in_flight_req` (Attributes) InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and served concurrently. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/ (see [below for nested schema](#nestedatt--spec--in_flight_req))
+- `ip_allow_list` (Attributes) IPAllowList holds the IP allowlist middleware configuration. This middleware limits allowed requests based on the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/ (see [below for nested schema](#nestedatt--spec--ip_allow_list))
- `ip_white_list` (Attributes) Deprecated: please use IPAllowList instead. (see [below for nested schema](#nestedatt--spec--ip_white_list))
-- `pass_tls_client_cert` (Attributes) PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/passtlsclientcert/ (see [below for nested schema](#nestedatt--spec--pass_tls_client_cert))
+- `pass_tls_client_cert` (Attributes) PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/passtlsclientcert/ (see [below for nested schema](#nestedatt--spec--pass_tls_client_cert))
- `plugin` (Map of String) Plugin defines the middleware plugin configuration. More info: https://doc.traefik.io/traefik/plugins/
-- `rate_limit` (Attributes) RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ratelimit/ (see [below for nested schema](#nestedatt--spec--rate_limit))
-- `redirect_regex` (Attributes) RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectregex/#regex (see [below for nested schema](#nestedatt--spec--redirect_regex))
-- `redirect_scheme` (Attributes) RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port to another. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectscheme/ (see [below for nested schema](#nestedatt--spec--redirect_scheme))
-- `replace_path` (Attributes) ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepath/ (see [below for nested schema](#nestedatt--spec--replace_path))
-- `replace_path_regex` (Attributes) ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepathregex/ (see [below for nested schema](#nestedatt--spec--replace_path_regex))
-- `retry` (Attributes) Retry holds the retry middleware configuration. This middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/ (see [below for nested schema](#nestedatt--spec--retry))
-- `strip_prefix` (Attributes) StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefix/ (see [below for nested schema](#nestedatt--spec--strip_prefix))
-- `strip_prefix_regex` (Attributes) StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefixregex/ (see [below for nested schema](#nestedatt--spec--strip_prefix_regex))
+- `rate_limit` (Attributes) RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ratelimit/ (see [below for nested schema](#nestedatt--spec--rate_limit))
+- `redirect_regex` (Attributes) RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectregex/#regex (see [below for nested schema](#nestedatt--spec--redirect_regex))
+- `redirect_scheme` (Attributes) RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port to another. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectscheme/ (see [below for nested schema](#nestedatt--spec--redirect_scheme))
+- `replace_path` (Attributes) ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepath/ (see [below for nested schema](#nestedatt--spec--replace_path))
+- `replace_path_regex` (Attributes) ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepathregex/ (see [below for nested schema](#nestedatt--spec--replace_path_regex))
+- `retry` (Attributes) Retry holds the retry middleware configuration. This middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/retry/ (see [below for nested schema](#nestedatt--spec--retry))
+- `strip_prefix` (Attributes) StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefix/ (see [below for nested schema](#nestedatt--spec--strip_prefix))
+- `strip_prefix_regex` (Attributes) StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefixregex/ (see [below for nested schema](#nestedatt--spec--strip_prefix_regex))
### Nested Schema for `spec.add_prefix`
@@ -94,7 +94,7 @@ Optional:
Optional:
-- `header_field` (String) HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
+- `header_field` (String) HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
- `realm` (String) Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. Default: traefik.
- `remove_header` (Boolean) RemoveHeader sets the removeHeader option to true to remove the authorization header before forwarding the request to your service. Default: false.
- `secret` (String) Secret is the name of the referenced Kubernetes Secret containing user credentials.
@@ -109,7 +109,7 @@ Optional:
- `max_response_body_bytes` (Number) MaxResponseBodyBytes defines the maximum allowed response size from the service (in bytes). If the response exceeds the allowed size, it is not forwarded to the client. The client gets a 500 (Internal Server Error) response instead. Default: 0 (no maximum).
- `mem_request_body_bytes` (Number) MemRequestBodyBytes defines the threshold (in bytes) from which the request will be buffered on disk instead of in memory. Default: 1048576 (1Mi).
- `mem_response_body_bytes` (Number) MemResponseBodyBytes defines the threshold (in bytes) from which the response will be buffered on disk instead of in memory. Default: 1048576 (1Mi).
-- `retry_expression` (String) RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) and OR (||). More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#retryexpression
+- `retry_expression` (String) RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) and OR (||). More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#retryexpression
@@ -169,7 +169,7 @@ Optional:
Optional:
-- `header_field` (String) HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield
+- `header_field` (String) HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield
- `realm` (String) Realm allows the protected resources on a server to be partitioned into a set of protection spaces, each with its own authentication scheme. Default: traefik.
- `remove_header` (Boolean) RemoveHeader defines whether to remove the authorization header before forwarding the request to the backend.
- `secret` (String) Secret is the name of the referenced Kubernetes Secret containing user credentials.
@@ -181,7 +181,7 @@ Optional:
Optional:
- `query` (String) Query defines the URL for the error page (hosted by service). The {status} variable can be used in order to insert the status code in the URL.
-- `service` (Attributes) Service defines the reference to a Kubernetes Service that will serve the error page. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/#service (see [below for nested schema](#nestedatt--spec--errors--service))
+- `service` (Attributes) Service defines the reference to a Kubernetes Service that will serve the error page. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/#service (see [below for nested schema](#nestedatt--spec--errors--service))
- `status` (List of String) Status defines which status or range of statuses should result in an error page. It can be either a status code as a number (500), as multiple comma-separated numbers (500,502), as ranges by separating two codes with a dash (500-599), or a combination of the two (404,418,500-599).
@@ -203,7 +203,7 @@ Optional:
- `response_forwarding` (Attributes) ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. (see [below for nested schema](#nestedatt--spec--errors--service--response_forwarding))
- `scheme` (String) Scheme defines the scheme to use for the request to the upstream Kubernetes Service. It defaults to https when Kubernetes Service port is 443, http otherwise.
- `servers_transport` (String) ServersTransport defines the name of ServersTransport resource to use. It allows to configure the transport between Traefik and your servers. Can only be used on a Kubernetes Service.
-- `sticky` (Attributes) Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions (see [below for nested schema](#nestedatt--spec--errors--service--sticky))
+- `sticky` (Attributes) Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions (see [below for nested schema](#nestedatt--spec--errors--service--sticky))
- `strategy` (String) Strategy defines the load balancing strategy between the servers. RoundRobin is the only supported value at the moment.
- `weight` (Number) Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin).
@@ -264,7 +264,7 @@ Optional:
- `address` (String) Address defines the authentication server address.
- `auth_request_headers` (List of String) AuthRequestHeaders defines the list of the headers to copy from the request to the authentication server. If not set or empty then all request headers are passed.
- `auth_response_headers` (List of String) AuthResponseHeaders defines the list of headers to copy from the authentication server response and set on forwarded request, replacing any existing conflicting headers.
-- `auth_response_headers_regex` (String) AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex
+- `auth_response_headers_regex` (String) AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/#authresponseheadersregex
- `tls` (Attributes) TLS defines the configuration used to secure the connection to the authentication server. (see [below for nested schema](#nestedatt--spec--forward_auth--tls))
- `trust_forward_header` (Boolean) TrustForwardHeader defines whether to trust (ie: forward) all X-Forwarded-* headers.
@@ -334,14 +334,14 @@ Optional:
Optional:
- `amount` (Number) Amount defines the maximum amount of allowed simultaneous in-flight request. The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).
-- `source_criterion` (Attributes) SourceCriterion defines what criterion is used to group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/#sourcecriterion (see [below for nested schema](#nestedatt--spec--in_flight_req--source_criterion))
+- `source_criterion` (Attributes) SourceCriterion defines what criterion is used to group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/#sourcecriterion (see [below for nested schema](#nestedatt--spec--in_flight_req--source_criterion))
### Nested Schema for `spec.in_flight_req.source_criterion`
Optional:
-- `ip_strategy` (Attributes) IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy (see [below for nested schema](#nestedatt--spec--in_flight_req--source_criterion--ip_strategy))
+- `ip_strategy` (Attributes) IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy (see [below for nested schema](#nestedatt--spec--in_flight_req--source_criterion--ip_strategy))
- `request_header_name` (String) RequestHeaderName defines the name of the header used to group incoming requests.
- `request_host` (Boolean) RequestHost defines whether to consider the request Host as the source.
@@ -362,7 +362,7 @@ Optional:
Optional:
-- `ip_strategy` (Attributes) IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy (see [below for nested schema](#nestedatt--spec--ip_allow_list--ip_strategy))
+- `ip_strategy` (Attributes) IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy (see [below for nested schema](#nestedatt--spec--ip_allow_list--ip_strategy))
- `reject_status_code` (Number) RejectStatusCode defines the HTTP status code used for refused requests. If not set, the default is 403 (Forbidden).
- `source_range` (List of String) SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation).
@@ -382,7 +382,7 @@ Optional:
Optional:
-- `ip_strategy` (Attributes) IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy (see [below for nested schema](#nestedatt--spec--ip_white_list--ip_strategy))
+- `ip_strategy` (Attributes) IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy (see [below for nested schema](#nestedatt--spec--ip_white_list--ip_strategy))
- `source_range` (List of String) SourceRange defines the set of allowed IPs (or ranges of allowed IPs by using CIDR notation). Required.
@@ -462,7 +462,7 @@ Optional:
Optional:
-- `ip_strategy` (Attributes) IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy (see [below for nested schema](#nestedatt--spec--rate_limit--source_criterion--ip_strategy))
+- `ip_strategy` (Attributes) IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy (see [below for nested schema](#nestedatt--spec--rate_limit--source_criterion--ip_strategy))
- `request_header_name` (String) RequestHeaderName defines the name of the header used to group incoming requests.
- `request_host` (Boolean) RequestHost defines whether to consider the request Host as the source.
diff --git a/docs/data-sources/traefik_io_servers_transport_tcp_v1alpha1_manifest.md b/docs/data-sources/traefik_io_servers_transport_tcp_v1alpha1_manifest.md
index cf0b676b4..2329f6b21 100644
--- a/docs/data-sources/traefik_io_servers_transport_tcp_v1alpha1_manifest.md
+++ b/docs/data-sources/traefik_io_servers_transport_tcp_v1alpha1_manifest.md
@@ -3,12 +3,12 @@
page_title: "k8s_traefik_io_servers_transport_tcp_v1alpha1_manifest Data Source - terraform-provider-k8s"
subcategory: "traefik.io"
description: |-
- ServersTransportTCP is the CRD implementation of a TCPServersTransport. If no tcpServersTransport is specified, a default one named default@internal will be used. The default@internal tcpServersTransport can be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3
+ ServersTransportTCP is the CRD implementation of a TCPServersTransport. If no tcpServersTransport is specified, a default one named default@internal will be used. The default@internal tcpServersTransport can be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_3
---
# k8s_traefik_io_servers_transport_tcp_v1alpha1_manifest (Data Source)
-ServersTransportTCP is the CRD implementation of a TCPServersTransport. If no tcpServersTransport is specified, a default one named default@internal will be used. The default@internal tcpServersTransport can be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3
+ServersTransportTCP is the CRD implementation of a TCPServersTransport. If no tcpServersTransport is specified, a default one named default@internal will be used. The default@internal tcpServersTransport can be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_3
## Example Usage
diff --git a/docs/data-sources/traefik_io_servers_transport_v1alpha1_manifest.md b/docs/data-sources/traefik_io_servers_transport_v1alpha1_manifest.md
index 01d1083d9..a76f78fc2 100644
--- a/docs/data-sources/traefik_io_servers_transport_v1alpha1_manifest.md
+++ b/docs/data-sources/traefik_io_servers_transport_v1alpha1_manifest.md
@@ -3,12 +3,12 @@
page_title: "k8s_traefik_io_servers_transport_v1alpha1_manifest Data Source - terraform-provider-k8s"
subcategory: "traefik.io"
description: |-
- ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1
+ ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_1
---
# k8s_traefik_io_servers_transport_v1alpha1_manifest (Data Source)
-ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1
+ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_1
## Example Usage
diff --git a/docs/data-sources/traefik_io_tls_option_v1alpha1_manifest.md b/docs/data-sources/traefik_io_tls_option_v1alpha1_manifest.md
index 3deef5998..f0ac5ae1a 100644
--- a/docs/data-sources/traefik_io_tls_option_v1alpha1_manifest.md
+++ b/docs/data-sources/traefik_io_tls_option_v1alpha1_manifest.md
@@ -3,12 +3,12 @@
page_title: "k8s_traefik_io_tls_option_v1alpha1_manifest Data Source - terraform-provider-k8s"
subcategory: "traefik.io"
description: |-
- TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
+ TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
---
# k8s_traefik_io_tls_option_v1alpha1_manifest (Data Source)
-TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options
+TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options
## Example Usage
@@ -55,10 +55,10 @@ Optional:
Optional:
-- `alpn_protocols` (List of String) ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#alpn-protocols
-- `cipher_suites` (List of String) CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#cipher-suites
+- `alpn_protocols` (List of String) ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#alpn-protocols
+- `cipher_suites` (List of String) CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#cipher-suites
- `client_auth` (Attributes) ClientAuth defines the server's policy for TLS Client Authentication. (see [below for nested schema](#nestedatt--spec--client_auth))
-- `curve_preferences` (List of String) CurvePreferences defines the preferred elliptic curves in a specific order. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#curve-preferences
+- `curve_preferences` (List of String) CurvePreferences defines the preferred elliptic curves in a specific order. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#curve-preferences
- `max_version` (String) MaxVersion defines the maximum TLS version that Traefik will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. Default: None.
- `min_version` (String) MinVersion defines the minimum TLS version that Traefik will accept. Possible values: VersionTLS10, VersionTLS11, VersionTLS12, VersionTLS13. Default: VersionTLS10.
- `prefer_server_cipher_suites` (Boolean) PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's. It is enabled automatically when minVersion or maxVersion is set. Deprecated: https://github.com/golang/go/issues/45430
diff --git a/docs/data-sources/traefik_io_tls_store_v1alpha1_manifest.md b/docs/data-sources/traefik_io_tls_store_v1alpha1_manifest.md
index 24633147f..2a3e931cb 100644
--- a/docs/data-sources/traefik_io_tls_store_v1alpha1_manifest.md
+++ b/docs/data-sources/traefik_io_tls_store_v1alpha1_manifest.md
@@ -3,12 +3,12 @@
page_title: "k8s_traefik_io_tls_store_v1alpha1_manifest Data Source - terraform-provider-k8s"
subcategory: "traefik.io"
description: |-
- TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes namespaces. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores
+ TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes namespaces. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#certificates-stores
---
# k8s_traefik_io_tls_store_v1alpha1_manifest (Data Source)
-TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes namespaces. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores
+TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes namespaces. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#certificates-stores
## Example Usage
diff --git a/docs/data-sources/traefik_io_traefik_service_v1alpha1_manifest.md b/docs/data-sources/traefik_io_traefik_service_v1alpha1_manifest.md
index 18fe2ffd4..82c381e0b 100644
--- a/docs/data-sources/traefik_io_traefik_service_v1alpha1_manifest.md
+++ b/docs/data-sources/traefik_io_traefik_service_v1alpha1_manifest.md
@@ -3,12 +3,12 @@
page_title: "k8s_traefik_io_traefik_service_v1alpha1_manifest Data Source - terraform-provider-k8s"
subcategory: "traefik.io"
description: |-
- TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - Mirror traffic on services More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice
+ TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - Mirror traffic on services More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-traefikservice
---
# k8s_traefik_io_traefik_service_v1alpha1_manifest (Data Source)
-TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - Mirror traffic on services More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice
+TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - Mirror traffic on services More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-traefikservice
## Example Usage
@@ -80,7 +80,7 @@ Optional:
- `response_forwarding` (Attributes) ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. (see [below for nested schema](#nestedatt--spec--mirroring--response_forwarding))
- `scheme` (String) Scheme defines the scheme to use for the request to the upstream Kubernetes Service. It defaults to https when Kubernetes Service port is 443, http otherwise.
- `servers_transport` (String) ServersTransport defines the name of ServersTransport resource to use. It allows to configure the transport between Traefik and your servers. Can only be used on a Kubernetes Service.
-- `sticky` (Attributes) Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions (see [below for nested schema](#nestedatt--spec--mirroring--sticky))
+- `sticky` (Attributes) Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions (see [below for nested schema](#nestedatt--spec--mirroring--sticky))
- `strategy` (String) Strategy defines the load balancing strategy between the servers. RoundRobin is the only supported value at the moment.
- `weight` (Number) Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin).
@@ -122,7 +122,7 @@ Optional:
- `response_forwarding` (Attributes) ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. (see [below for nested schema](#nestedatt--spec--mirroring--mirrors--response_forwarding))
- `scheme` (String) Scheme defines the scheme to use for the request to the upstream Kubernetes Service. It defaults to https when Kubernetes Service port is 443, http otherwise.
- `servers_transport` (String) ServersTransport defines the name of ServersTransport resource to use. It allows to configure the transport between Traefik and your servers. Can only be used on a Kubernetes Service.
-- `sticky` (Attributes) Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions (see [below for nested schema](#nestedatt--spec--mirroring--mirrors--sticky))
+- `sticky` (Attributes) Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions (see [below for nested schema](#nestedatt--spec--mirroring--mirrors--sticky))
- `strategy` (String) Strategy defines the load balancing strategy between the servers. RoundRobin is the only supported value at the moment.
- `weight` (Number) Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin).
@@ -208,7 +208,7 @@ Optional:
Optional:
- `services` (Attributes List) Services defines the list of Kubernetes Service and/or TraefikService to load-balance, with weight. (see [below for nested schema](#nestedatt--spec--weighted--services))
-- `sticky` (Attributes) Sticky defines whether sticky sessions are enabled. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#stickiness-and-load-balancing (see [below for nested schema](#nestedatt--spec--weighted--sticky))
+- `sticky` (Attributes) Sticky defines whether sticky sessions are enabled. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing (see [below for nested schema](#nestedatt--spec--weighted--sticky))
### Nested Schema for `spec.weighted.services`
@@ -229,7 +229,7 @@ Optional:
- `response_forwarding` (Attributes) ResponseForwarding defines how Traefik forwards the response from the upstream Kubernetes Service to the client. (see [below for nested schema](#nestedatt--spec--weighted--services--response_forwarding))
- `scheme` (String) Scheme defines the scheme to use for the request to the upstream Kubernetes Service. It defaults to https when Kubernetes Service port is 443, http otherwise.
- `servers_transport` (String) ServersTransport defines the name of ServersTransport resource to use. It allows to configure the transport between Traefik and your servers. Can only be used on a Kubernetes Service.
-- `sticky` (Attributes) Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions (see [below for nested schema](#nestedatt--spec--weighted--services--sticky))
+- `sticky` (Attributes) Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions (see [below for nested schema](#nestedatt--spec--weighted--services--sticky))
- `strategy` (String) Strategy defines the load balancing strategy between the servers. RoundRobin is the only supported value at the moment.
- `weight` (Number) Weight defines the weight and should only be specified when Name references a TraefikService object (and to be precise, one that embeds a Weighted Round Robin).
diff --git a/docs/data-sources/trino_stackable_tech_trino_catalog_v1alpha1_manifest.md b/docs/data-sources/trino_stackable_tech_trino_catalog_v1alpha1_manifest.md
index b04064832..bfb2a27c5 100644
--- a/docs/data-sources/trino_stackable_tech_trino_catalog_v1alpha1_manifest.md
+++ b/docs/data-sources/trino_stackable_tech_trino_catalog_v1alpha1_manifest.md
@@ -108,19 +108,22 @@ Required:
Optional:
-- `inline` (Attributes) Inline definition of an S3 connection. (see [below for nested schema](#nestedatt--spec--connector--delta_lake--s3--inline))
-- `reference` (String) A reference to an S3Connection resource.
+- `inline` (Attributes) S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--connector--delta_lake--s3--inline))
+- `reference` (String)
### Nested Schema for `spec.connector.delta_lake.s3.inline`
+Required:
+
+- `host` (String) Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
+
Optional:
- `access_style` (String) Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).
- `credentials` (Attributes) If the S3 uses authentication you have to specify you S3 credentials. In the most cases a [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) providing 'accessKey' and 'secretKey' is sufficient. (see [below for nested schema](#nestedatt--spec--connector--delta_lake--s3--inline--credentials))
-- `host` (String) Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
- `port` (Number) Port the S3 server listens on. If not specified the product will determine the port to use.
-- `tls` (Attributes) If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting. (see [below for nested schema](#nestedatt--spec--connector--delta_lake--s3--inline--tls))
+- `tls` (Attributes) Use a TLS connection. If not specified no TLS will be used. (see [below for nested schema](#nestedatt--spec--connector--delta_lake--s3--inline--tls))
### Nested Schema for `spec.connector.delta_lake.s3.inline.credentials`
@@ -138,6 +141,7 @@ Optional:
Optional:
+- `listener_volumes` (List of String) The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.
- `node` (Boolean) The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.
- `pod` (Boolean) The pod scope is resolved to the name of the Kubernetes Pod. This allows the secret to differentiate between StatefulSet replicas.
- `services` (List of String) The service scope allows Pod objects to specify custom scopes. This should typically correspond to Service objects that the Pod participates in.
@@ -207,10 +211,10 @@ Optional:
Required:
- `key` (String) The key to select.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the ConfigMap or its key must be defined
@@ -220,10 +224,10 @@ Optional:
Required:
- `key` (String) The key of the secret to select from. Must be a valid secret key.
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
Optional:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
- `optional` (Boolean) Specify whether the Secret or its key must be defined
@@ -284,19 +288,22 @@ Required:
Optional:
-- `inline` (Attributes) Inline definition of an S3 connection. (see [below for nested schema](#nestedatt--spec--connector--hive--s3--inline))
-- `reference` (String) A reference to an S3Connection resource.
+- `inline` (Attributes) S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--connector--hive--s3--inline))
+- `reference` (String)
### Nested Schema for `spec.connector.hive.s3.inline`
+Required:
+
+- `host` (String) Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
+
Optional:
- `access_style` (String) Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).
- `credentials` (Attributes) If the S3 uses authentication you have to specify you S3 credentials. In the most cases a [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) providing 'accessKey' and 'secretKey' is sufficient. (see [below for nested schema](#nestedatt--spec--connector--hive--s3--inline--credentials))
-- `host` (String) Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
- `port` (Number) Port the S3 server listens on. If not specified the product will determine the port to use.
-- `tls` (Attributes) If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting. (see [below for nested schema](#nestedatt--spec--connector--hive--s3--inline--tls))
+- `tls` (Attributes) Use a TLS connection. If not specified no TLS will be used. (see [below for nested schema](#nestedatt--spec--connector--hive--s3--inline--tls))
### Nested Schema for `spec.connector.hive.s3.inline.credentials`
@@ -314,6 +321,7 @@ Optional:
Optional:
+- `listener_volumes` (List of String) The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.
- `node` (Boolean) The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.
- `pod` (Boolean) The pod scope is resolved to the name of the Kubernetes Pod. This allows the secret to differentiate between StatefulSet replicas.
- `services` (List of String) The service scope allows Pod objects to specify custom scopes. This should typically correspond to Service objects that the Pod participates in.
@@ -390,19 +398,22 @@ Required:
Optional:
-- `inline` (Attributes) Inline definition of an S3 connection. (see [below for nested schema](#nestedatt--spec--connector--iceberg--s3--inline))
-- `reference` (String) A reference to an S3Connection resource.
+- `inline` (Attributes) S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3). (see [below for nested schema](#nestedatt--spec--connector--iceberg--s3--inline))
+- `reference` (String)
### Nested Schema for `spec.connector.iceberg.s3.inline`
+Required:
+
+- `host` (String) Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
+
Optional:
- `access_style` (String) Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).
- `credentials` (Attributes) If the S3 uses authentication you have to specify you S3 credentials. In the most cases a [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass) providing 'accessKey' and 'secretKey' is sufficient. (see [below for nested schema](#nestedatt--spec--connector--iceberg--s3--inline--credentials))
-- `host` (String) Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.
- `port` (Number) Port the S3 server listens on. If not specified the product will determine the port to use.
-- `tls` (Attributes) If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting. (see [below for nested schema](#nestedatt--spec--connector--iceberg--s3--inline--tls))
+- `tls` (Attributes) Use a TLS connection. If not specified no TLS will be used. (see [below for nested schema](#nestedatt--spec--connector--iceberg--s3--inline--tls))
### Nested Schema for `spec.connector.iceberg.s3.inline.credentials`
@@ -420,6 +431,7 @@ Optional:
Optional:
+- `listener_volumes` (List of String) The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.
- `node` (Boolean) The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.
- `pod` (Boolean) The pod scope is resolved to the name of the Kubernetes Pod. This allows the secret to differentiate between StatefulSet replicas.
- `services` (List of String) The service scope allows Pod objects to specify custom scopes. This should typically correspond to Service objects that the Pod participates in.
diff --git a/docs/data-sources/trino_stackable_tech_trino_cluster_v1alpha1_manifest.md b/docs/data-sources/trino_stackable_tech_trino_cluster_v1alpha1_manifest.md
index 2c32fa7b7..656dc4468 100644
--- a/docs/data-sources/trino_stackable_tech_trino_cluster_v1alpha1_manifest.md
+++ b/docs/data-sources/trino_stackable_tech_trino_cluster_v1alpha1_manifest.md
@@ -109,11 +109,11 @@ Optional:
Required:
-- `authentication_class` (String) A name/key which references an authentication class. To get the concrete ['AuthenticationClass'], we must resolve it. This resolution can be achieved by using ['ClientAuthenticationDetails::resolve_class'].
+- `authentication_class` (String) Name of the [AuthenticationClass](https://docs.stackable.tech/home/nightly/concepts/authentication) used to authenticate users.
Optional:
-- `oidc` (Attributes) This field contains authentication provider specific configuration. Use ['ClientAuthenticationDetails::oidc_or_error'] to get the value or report an error to the user. (see [below for nested schema](#nestedatt--spec--cluster_config--authentication--oidc))
+- `oidc` (Attributes) This field contains OIDC-specific configuration. It is only required in case OIDC is used. (see [below for nested schema](#nestedatt--spec--cluster_config--authentication--oidc))
### Nested Schema for `spec.cluster_config.authentication.oidc`
@@ -173,9 +173,9 @@ Optional:
### Nested Schema for `spec.image.pull_secrets`
-Optional:
+Required:
-- `name` (String) Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
+- `name` (String) Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
@@ -231,16 +231,13 @@ Optional:
### Nested Schema for `spec.coordinators.role_groups.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.coordinators.role_groups.config.logging`
@@ -379,16 +376,13 @@ Optional:
### Nested Schema for `spec.coordinators.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.coordinators.config.logging`
@@ -572,16 +566,13 @@ Optional:
### Nested Schema for `spec.workers.role_groups.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.workers.role_groups.config.logging`
@@ -720,16 +711,13 @@ Optional:
### Nested Schema for `spec.workers.config.affinity`
-Required:
+Optional:
- `node_affinity` (Map of String) Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
+- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_affinity` (Map of String) Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
- `pod_anti_affinity` (Map of String) Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-Optional:
-
-- `node_selector` (Map of String) Simple key-value pairs forming a nodeSelector, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)
-
### Nested Schema for `spec.workers.config.logging`
diff --git a/internal/provider/anywhere_eks_amazonaws_com_v1alpha1/anywhere_eks_amazonaws_com_tinkerbell_datacenter_config_v1alpha1_manifest.go b/internal/provider/anywhere_eks_amazonaws_com_v1alpha1/anywhere_eks_amazonaws_com_tinkerbell_datacenter_config_v1alpha1_manifest.go
index 300d4ecd7..b1d91624f 100644
--- a/internal/provider/anywhere_eks_amazonaws_com_v1alpha1/anywhere_eks_amazonaws_com_tinkerbell_datacenter_config_v1alpha1_manifest.go
+++ b/internal/provider/anywhere_eks_amazonaws_com_v1alpha1/anywhere_eks_amazonaws_com_tinkerbell_datacenter_config_v1alpha1_manifest.go
@@ -44,6 +44,7 @@ type AnywhereEksAmazonawsComTinkerbellDatacenterConfigV1Alpha1ManifestData struc
Spec *struct {
HookImagesURLPath *string `tfsdk:"hook_images_url_path" json:"hookImagesURLPath,omitempty"`
+ LoadBalancerInterface *string `tfsdk:"load_balancer_interface" json:"loadBalancerInterface,omitempty"`
OsImageURL *string `tfsdk:"os_image_url" json:"osImageURL,omitempty"`
SkipLoadBalancerDeployment *bool `tfsdk:"skip_load_balancer_deployment" json:"skipLoadBalancerDeployment,omitempty"`
TinkerbellIP *string `tfsdk:"tinkerbell_ip" json:"tinkerbellIP,omitempty"`
@@ -135,6 +136,14 @@ func (r *AnywhereEksAmazonawsComTinkerbellDatacenterConfigV1Alpha1Manifest) Sche
Computed: false,
},
+ "load_balancer_interface": schema.StringAttribute{
+ Description: "LoadBalancerInterface can be used to configure a load balancer interface for the Tinkerbell stack.",
+ MarkdownDescription: "LoadBalancerInterface can be used to configure a load balancer interface for the Tinkerbell stack.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"os_image_url": schema.StringAttribute{
Description: "OSImageURL can be used to override the default OS image path to pull from a local server. OSImageURL is a URL to the OS image used during provisioning. To perform modular upgrades the OSImageURL must be specified on the TinkerbellMachineConfig objects. You cannot specify an OSImageURL on the TinkerbellDatacenterConfig and TinkerbellMachineConfigs simultaneously. It must include the Kubernetes version(s). For example, a URL used for Kubernetes 1.27 could be http://localhost:8080/ubuntu-2204-1.27.tgz",
MarkdownDescription: "OSImageURL can be used to override the default OS image path to pull from a local server. OSImageURL is a URL to the OS image used during provisioning. To perform modular upgrades the OSImageURL must be specified on the TinkerbellMachineConfig objects. You cannot specify an OSImageURL on the TinkerbellDatacenterConfig and TinkerbellMachineConfigs simultaneously. It must include the Kubernetes version(s). For example, a URL used for Kubernetes 1.27 could be http://localhost:8080/ubuntu-2204-1.27.tgz",
diff --git a/internal/provider/argoproj_io_v1alpha1/argoproj_io_argo_cd_v1alpha1_manifest.go b/internal/provider/argoproj_io_v1alpha1/argoproj_io_argo_cd_v1alpha1_manifest.go
index 45b57b89a..e9066e1e7 100644
--- a/internal/provider/argoproj_io_v1alpha1/argoproj_io_argo_cd_v1alpha1_manifest.go
+++ b/internal/provider/argoproj_io_v1alpha1/argoproj_io_argo_cd_v1alpha1_manifest.go
@@ -101,9 +101,12 @@ type ArgoprojIoArgoCdV1Alpha1ManifestData struct {
Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
Path *string `tfsdk:"path" json:"path,omitempty"`
Tls *struct {
- CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
- Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
- DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
+ Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
+ DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ ExternalCertificate *struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ } `tfsdk:"external_certificate" json:"externalCertificate,omitempty"`
InsecureEdgeTerminationPolicy *string `tfsdk:"insecure_edge_termination_policy" json:"insecureEdgeTerminationPolicy,omitempty"`
Key *string `tfsdk:"key" json:"key,omitempty"`
Termination *string `tfsdk:"termination" json:"termination,omitempty"`
@@ -213,9 +216,12 @@ type ArgoprojIoArgoCdV1Alpha1ManifestData struct {
Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
Path *string `tfsdk:"path" json:"path,omitempty"`
Tls *struct {
- CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
- Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
- DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
+ Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
+ DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ ExternalCertificate *struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ } `tfsdk:"external_certificate" json:"externalCertificate,omitempty"`
InsecureEdgeTerminationPolicy *string `tfsdk:"insecure_edge_termination_policy" json:"insecureEdgeTerminationPolicy,omitempty"`
Key *string `tfsdk:"key" json:"key,omitempty"`
Termination *string `tfsdk:"termination" json:"termination,omitempty"`
@@ -327,9 +333,12 @@ type ArgoprojIoArgoCdV1Alpha1ManifestData struct {
Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
Path *string `tfsdk:"path" json:"path,omitempty"`
Tls *struct {
- CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
- Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
- DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
+ Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
+ DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ ExternalCertificate *struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ } `tfsdk:"external_certificate" json:"externalCertificate,omitempty"`
InsecureEdgeTerminationPolicy *string `tfsdk:"insecure_edge_termination_policy" json:"insecureEdgeTerminationPolicy,omitempty"`
Key *string `tfsdk:"key" json:"key,omitempty"`
Termination *string `tfsdk:"termination" json:"termination,omitempty"`
@@ -1285,9 +1294,12 @@ type ArgoprojIoArgoCdV1Alpha1ManifestData struct {
Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
Path *string `tfsdk:"path" json:"path,omitempty"`
Tls *struct {
- CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
- Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
- DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
+ Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
+ DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ ExternalCertificate *struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ } `tfsdk:"external_certificate" json:"externalCertificate,omitempty"`
InsecureEdgeTerminationPolicy *string `tfsdk:"insecure_edge_termination_policy" json:"insecureEdgeTerminationPolicy,omitempty"`
Key *string `tfsdk:"key" json:"key,omitempty"`
Termination *string `tfsdk:"termination" json:"termination,omitempty"`
@@ -1822,8 +1834,8 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
},
"certificate": schema.StringAttribute{
- Description: "certificate provides certificate contents",
- MarkdownDescription: "certificate provides certificate contents",
+ Description: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
+ MarkdownDescription: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
Required: false,
Optional: true,
Computed: false,
@@ -1837,12 +1849,32 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
Computed: false,
},
+ "external_certificate": schema.SingleNestedAttribute{
+ Description: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ MarkdownDescription: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"insecure_edge_termination_policy": schema.StringAttribute{
- Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
- MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
Required: false,
Optional: true,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("Allow", "None", "Redirect", ""),
+ },
},
"key": schema.StringAttribute{
@@ -1854,11 +1886,14 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
},
"termination": schema.StringAttribute{
- Description: "termination indicates termination type.",
- MarkdownDescription: "termination indicates termination type.",
+ Description: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
+ MarkdownDescription: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
Required: true,
Optional: false,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("edge", "reencrypt", "passthrough"),
+ },
},
},
Required: false,
@@ -2589,8 +2624,8 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
},
"certificate": schema.StringAttribute{
- Description: "certificate provides certificate contents",
- MarkdownDescription: "certificate provides certificate contents",
+ Description: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
+ MarkdownDescription: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
Required: false,
Optional: true,
Computed: false,
@@ -2604,12 +2639,32 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
Computed: false,
},
+ "external_certificate": schema.SingleNestedAttribute{
+ Description: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ MarkdownDescription: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"insecure_edge_termination_policy": schema.StringAttribute{
- Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
- MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
Required: false,
Optional: true,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("Allow", "None", "Redirect", ""),
+ },
},
"key": schema.StringAttribute{
@@ -2621,11 +2676,14 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
},
"termination": schema.StringAttribute{
- Description: "termination indicates termination type.",
- MarkdownDescription: "termination indicates termination type.",
+ Description: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
+ MarkdownDescription: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
Required: true,
Optional: false,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("edge", "reencrypt", "passthrough"),
+ },
},
},
Required: false,
@@ -3361,8 +3419,8 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
},
"certificate": schema.StringAttribute{
- Description: "certificate provides certificate contents",
- MarkdownDescription: "certificate provides certificate contents",
+ Description: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
+ MarkdownDescription: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
Required: false,
Optional: true,
Computed: false,
@@ -3376,12 +3434,32 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
Computed: false,
},
+ "external_certificate": schema.SingleNestedAttribute{
+ Description: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ MarkdownDescription: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"insecure_edge_termination_policy": schema.StringAttribute{
- Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
- MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
Required: false,
Optional: true,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("Allow", "None", "Redirect", ""),
+ },
},
"key": schema.StringAttribute{
@@ -3393,11 +3471,14 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
},
"termination": schema.StringAttribute{
- Description: "termination indicates termination type.",
- MarkdownDescription: "termination indicates termination type.",
+ Description: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
+ MarkdownDescription: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
Required: true,
Optional: false,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("edge", "reencrypt", "passthrough"),
+ },
},
},
Required: false,
@@ -9774,8 +9855,8 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
},
"certificate": schema.StringAttribute{
- Description: "certificate provides certificate contents",
- MarkdownDescription: "certificate provides certificate contents",
+ Description: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
+ MarkdownDescription: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
Required: false,
Optional: true,
Computed: false,
@@ -9789,12 +9870,32 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
Computed: false,
},
+ "external_certificate": schema.SingleNestedAttribute{
+ Description: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ MarkdownDescription: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"insecure_edge_termination_policy": schema.StringAttribute{
- Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
- MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
Required: false,
Optional: true,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("Allow", "None", "Redirect", ""),
+ },
},
"key": schema.StringAttribute{
@@ -9806,11 +9907,14 @@ func (r *ArgoprojIoArgoCdV1Alpha1Manifest) Schema(_ context.Context, _ datasourc
},
"termination": schema.StringAttribute{
- Description: "termination indicates termination type.",
- MarkdownDescription: "termination indicates termination type.",
+ Description: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
+ MarkdownDescription: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
Required: true,
Optional: false,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("edge", "reencrypt", "passthrough"),
+ },
},
},
Required: false,
diff --git a/internal/provider/argoproj_io_v1beta1/argoproj_io_argo_cd_v1beta1_manifest.go b/internal/provider/argoproj_io_v1beta1/argoproj_io_argo_cd_v1beta1_manifest.go
index 1931cdb35..12b7d8b62 100644
--- a/internal/provider/argoproj_io_v1beta1/argoproj_io_argo_cd_v1beta1_manifest.go
+++ b/internal/provider/argoproj_io_v1beta1/argoproj_io_argo_cd_v1beta1_manifest.go
@@ -47,8 +47,9 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
AggregatedClusterRoles *bool `tfsdk:"aggregated_cluster_roles" json:"aggregatedClusterRoles,omitempty"`
ApplicationInstanceLabelKey *string `tfsdk:"application_instance_label_key" json:"applicationInstanceLabelKey,omitempty"`
ApplicationSet *struct {
- Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
- Env *[]struct {
+ Annotations *map[string]string `tfsdk:"annotations" json:"annotations,omitempty"`
+ Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
+ Env *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
ValueFrom *struct {
@@ -73,9 +74,10 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
} `tfsdk:"secret_key_ref" json:"secretKeyRef,omitempty"`
} `tfsdk:"value_from" json:"valueFrom,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
- ExtraCommandArgs *[]string `tfsdk:"extra_command_args" json:"extraCommandArgs,omitempty"`
- Image *string `tfsdk:"image" json:"image,omitempty"`
- LogLevel *string `tfsdk:"log_level" json:"logLevel,omitempty"`
+ ExtraCommandArgs *[]string `tfsdk:"extra_command_args" json:"extraCommandArgs,omitempty"`
+ Image *string `tfsdk:"image" json:"image,omitempty"`
+ Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
+ LogLevel *string `tfsdk:"log_level" json:"logLevel,omitempty"`
Resources *struct {
Claims *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
@@ -105,9 +107,12 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
Path *string `tfsdk:"path" json:"path,omitempty"`
Tls *struct {
- CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
- Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
- DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
+ Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
+ DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ ExternalCertificate *struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ } `tfsdk:"external_certificate" json:"externalCertificate,omitempty"`
InsecureEdgeTerminationPolicy *string `tfsdk:"insecure_edge_termination_policy" json:"insecureEdgeTerminationPolicy,omitempty"`
Key *string `tfsdk:"key" json:"key,omitempty"`
Termination *string `tfsdk:"termination" json:"termination,omitempty"`
@@ -122,9 +127,10 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
} `tfsdk:"banner" json:"banner,omitempty"`
ConfigManagementPlugins *string `tfsdk:"config_management_plugins" json:"configManagementPlugins,omitempty"`
Controller *struct {
- AppSync *string `tfsdk:"app_sync" json:"appSync,omitempty"`
- Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
- Env *[]struct {
+ Annotations *map[string]string `tfsdk:"annotations" json:"annotations,omitempty"`
+ AppSync *string `tfsdk:"app_sync" json:"appSync,omitempty"`
+ Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
+ Env *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
ValueFrom *struct {
@@ -386,9 +392,10 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
- LogFormat *string `tfsdk:"log_format" json:"logFormat,omitempty"`
- LogLevel *string `tfsdk:"log_level" json:"logLevel,omitempty"`
- ParallelismLimit *int64 `tfsdk:"parallelism_limit" json:"parallelismLimit,omitempty"`
+ Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
+ LogFormat *string `tfsdk:"log_format" json:"logFormat,omitempty"`
+ LogLevel *string `tfsdk:"log_level" json:"logLevel,omitempty"`
+ ParallelismLimit *int64 `tfsdk:"parallelism_limit" json:"parallelismLimit,omitempty"`
Processors *struct {
Operation *int64 `tfsdk:"operation" json:"operation,omitempty"`
Status *int64 `tfsdk:"status" json:"status,omitempty"`
@@ -976,9 +983,12 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
Path *string `tfsdk:"path" json:"path,omitempty"`
Tls *struct {
- CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
- Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
- DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
+ Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
+ DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ ExternalCertificate *struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ } `tfsdk:"external_certificate" json:"externalCertificate,omitempty"`
InsecureEdgeTerminationPolicy *string `tfsdk:"insecure_edge_termination_policy" json:"insecureEdgeTerminationPolicy,omitempty"`
Key *string `tfsdk:"key" json:"key,omitempty"`
Termination *string `tfsdk:"termination" json:"termination,omitempty"`
@@ -1090,9 +1100,12 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
Path *string `tfsdk:"path" json:"path,omitempty"`
Tls *struct {
- CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
- Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
- DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
+ Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
+ DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ ExternalCertificate *struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ } `tfsdk:"external_certificate" json:"externalCertificate,omitempty"`
InsecureEdgeTerminationPolicy *string `tfsdk:"insecure_edge_termination_policy" json:"insecureEdgeTerminationPolicy,omitempty"`
Key *string `tfsdk:"key" json:"key,omitempty"`
Termination *string `tfsdk:"termination" json:"termination,omitempty"`
@@ -1123,9 +1136,10 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
Version *string `tfsdk:"version" json:"version,omitempty"`
} `tfsdk:"redis" json:"redis,omitempty"`
Repo *struct {
- Autotls *string `tfsdk:"autotls" json:"autotls,omitempty"`
- Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
- Env *[]struct {
+ Annotations *map[string]string `tfsdk:"annotations" json:"annotations,omitempty"`
+ Autotls *string `tfsdk:"autotls" json:"autotls,omitempty"`
+ Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
+ Env *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
ValueFrom *struct {
@@ -1389,11 +1403,12 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
- LogFormat *string `tfsdk:"log_format" json:"logFormat,omitempty"`
- LogLevel *string `tfsdk:"log_level" json:"logLevel,omitempty"`
- Mountsatoken *bool `tfsdk:"mountsatoken" json:"mountsatoken,omitempty"`
- Remote *string `tfsdk:"remote" json:"remote,omitempty"`
- Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
+ Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
+ LogFormat *string `tfsdk:"log_format" json:"logFormat,omitempty"`
+ LogLevel *string `tfsdk:"log_level" json:"logLevel,omitempty"`
+ Mountsatoken *bool `tfsdk:"mountsatoken" json:"mountsatoken,omitempty"`
+ Remote *string `tfsdk:"remote" json:"remote,omitempty"`
+ Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
Resources *struct {
Claims *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
@@ -1971,7 +1986,8 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
ResourceInclusions *string `tfsdk:"resource_inclusions" json:"resourceInclusions,omitempty"`
ResourceTrackingMethod *string `tfsdk:"resource_tracking_method" json:"resourceTrackingMethod,omitempty"`
Server *struct {
- Autoscale *struct {
+ Annotations *map[string]string `tfsdk:"annotations" json:"annotations,omitempty"`
+ Autoscale *struct {
Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
Hpa *struct {
MaxReplicas *int64 `tfsdk:"max_replicas" json:"maxReplicas,omitempty"`
@@ -2271,10 +2287,11 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
- Insecure *bool `tfsdk:"insecure" json:"insecure,omitempty"`
- LogFormat *string `tfsdk:"log_format" json:"logFormat,omitempty"`
- LogLevel *string `tfsdk:"log_level" json:"logLevel,omitempty"`
- Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
+ Insecure *bool `tfsdk:"insecure" json:"insecure,omitempty"`
+ Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
+ LogFormat *string `tfsdk:"log_format" json:"logFormat,omitempty"`
+ LogLevel *string `tfsdk:"log_level" json:"logLevel,omitempty"`
+ Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
Resources *struct {
Claims *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
@@ -2288,9 +2305,12 @@ type ArgoprojIoArgoCdV1Beta1ManifestData struct {
Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
Path *string `tfsdk:"path" json:"path,omitempty"`
Tls *struct {
- CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
- Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
- DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ CaCertificate *string `tfsdk:"ca_certificate" json:"caCertificate,omitempty"`
+ Certificate *string `tfsdk:"certificate" json:"certificate,omitempty"`
+ DestinationCACertificate *string `tfsdk:"destination_ca_certificate" json:"destinationCACertificate,omitempty"`
+ ExternalCertificate *struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ } `tfsdk:"external_certificate" json:"externalCertificate,omitempty"`
InsecureEdgeTerminationPolicy *string `tfsdk:"insecure_edge_termination_policy" json:"insecureEdgeTerminationPolicy,omitempty"`
Key *string `tfsdk:"key" json:"key,omitempty"`
Termination *string `tfsdk:"termination" json:"termination,omitempty"`
@@ -3003,6 +3023,15 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Description: "ArgoCDApplicationSet defines whether the Argo CD ApplicationSet controller should be installed.",
MarkdownDescription: "ArgoCDApplicationSet defines whether the Argo CD ApplicationSet controller should be installed.",
Attributes: map[string]schema.Attribute{
+ "annotations": schema.MapAttribute{
+ Description: "Custom annotations to pods deployed by the operator",
+ MarkdownDescription: "Custom annotations to pods deployed by the operator",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"enabled": schema.BoolAttribute{
Description: "Enabled is the flag to enable the Application Set Controller during ArgoCD installation. (optional, default 'true')",
MarkdownDescription: "Enabled is the flag to enable the Application Set Controller during ArgoCD installation. (optional, default 'true')",
@@ -3188,6 +3217,15 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Computed: false,
},
+ "labels": schema.MapAttribute{
+ Description: "Custom labels to pods deployed by the operator",
+ MarkdownDescription: "Custom labels to pods deployed by the operator",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"log_level": schema.StringAttribute{
Description: "LogLevel describes the log level that should be used by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug,info, error, and warn.",
MarkdownDescription: "LogLevel describes the log level that should be used by the ApplicationSet controller. Defaults to ArgoCDDefaultLogLevel if not set. Valid options are debug,info, error, and warn.",
@@ -3409,8 +3447,8 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
},
"certificate": schema.StringAttribute{
- Description: "certificate provides certificate contents",
- MarkdownDescription: "certificate provides certificate contents",
+ Description: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
+ MarkdownDescription: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
Required: false,
Optional: true,
Computed: false,
@@ -3424,12 +3462,32 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Computed: false,
},
+ "external_certificate": schema.SingleNestedAttribute{
+ Description: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ MarkdownDescription: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"insecure_edge_termination_policy": schema.StringAttribute{
- Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
- MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
Required: false,
Optional: true,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("Allow", "None", "Redirect", ""),
+ },
},
"key": schema.StringAttribute{
@@ -3441,11 +3499,14 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
},
"termination": schema.StringAttribute{
- Description: "termination indicates termination type.",
- MarkdownDescription: "termination indicates termination type.",
+ Description: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
+ MarkdownDescription: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
Required: true,
Optional: false,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("edge", "reencrypt", "passthrough"),
+ },
},
},
Required: false,
@@ -3513,6 +3574,15 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Description: "Controller defines the Application Controller options for ArgoCD.",
MarkdownDescription: "Controller defines the Application Controller options for ArgoCD.",
Attributes: map[string]schema.Attribute{
+ "annotations": schema.MapAttribute{
+ Description: "Custom annotations to pods deployed by the operator",
+ MarkdownDescription: "Custom annotations to pods deployed by the operator",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"app_sync": schema.StringAttribute{
Description: "AppSync is used to control the sync frequency, by default the ArgoCD controller polls Git every 3m. Set this to a duration, e.g. 10m or 600s to control the synchronisation frequency.",
MarkdownDescription: "AppSync is used to control the sync frequency, by default the ArgoCD controller polls Git every 3m. Set this to a duration, e.g. 10m or 600s to control the synchronisation frequency.",
@@ -5273,6 +5343,15 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Computed: false,
},
+ "labels": schema.MapAttribute{
+ Description: "Custom labels to pods deployed by the operator",
+ MarkdownDescription: "Custom labels to pods deployed by the operator",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"log_format": schema.StringAttribute{
Description: "LogFormat refers to the log format used by the Application Controller component. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.",
MarkdownDescription: "LogFormat refers to the log format used by the Application Controller component. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.",
@@ -9240,8 +9319,8 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
},
"certificate": schema.StringAttribute{
- Description: "certificate provides certificate contents",
- MarkdownDescription: "certificate provides certificate contents",
+ Description: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
+ MarkdownDescription: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
Required: false,
Optional: true,
Computed: false,
@@ -9255,12 +9334,32 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Computed: false,
},
+ "external_certificate": schema.SingleNestedAttribute{
+ Description: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ MarkdownDescription: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"insecure_edge_termination_policy": schema.StringAttribute{
- Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
- MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
Required: false,
Optional: true,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("Allow", "None", "Redirect", ""),
+ },
},
"key": schema.StringAttribute{
@@ -9272,11 +9371,14 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
},
"termination": schema.StringAttribute{
- Description: "termination indicates termination type.",
- MarkdownDescription: "termination indicates termination type.",
+ Description: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
+ MarkdownDescription: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
Required: true,
Optional: false,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("edge", "reencrypt", "passthrough"),
+ },
},
},
Required: false,
@@ -10012,8 +10114,8 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
},
"certificate": schema.StringAttribute{
- Description: "certificate provides certificate contents",
- MarkdownDescription: "certificate provides certificate contents",
+ Description: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
+ MarkdownDescription: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
Required: false,
Optional: true,
Computed: false,
@@ -10027,12 +10129,32 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Computed: false,
},
+ "external_certificate": schema.SingleNestedAttribute{
+ Description: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ MarkdownDescription: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"insecure_edge_termination_policy": schema.StringAttribute{
- Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
- MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
Required: false,
Optional: true,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("Allow", "None", "Redirect", ""),
+ },
},
"key": schema.StringAttribute{
@@ -10044,11 +10166,14 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
},
"termination": schema.StringAttribute{
- Description: "termination indicates termination type.",
- MarkdownDescription: "termination indicates termination type.",
+ Description: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
+ MarkdownDescription: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
Required: true,
Optional: false,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("edge", "reencrypt", "passthrough"),
+ },
},
},
Required: false,
@@ -10230,6 +10355,15 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Description: "Repo defines the repo server options for Argo CD.",
MarkdownDescription: "Repo defines the repo server options for Argo CD.",
Attributes: map[string]schema.Attribute{
+ "annotations": schema.MapAttribute{
+ Description: "Custom annotations to pods deployed by the operator",
+ MarkdownDescription: "Custom annotations to pods deployed by the operator",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"autotls": schema.StringAttribute{
Description: "AutoTLS specifies the method to use for automatic TLS configuration for the repo server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config",
MarkdownDescription: "AutoTLS specifies the method to use for automatic TLS configuration for the repo server The value specified here can currently be: - openshift - Use the OpenShift service CA to request TLS config",
@@ -12006,6 +12140,15 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Computed: false,
},
+ "labels": schema.MapAttribute{
+ Description: "Custom labels to pods deployed by the operator",
+ MarkdownDescription: "Custom labels to pods deployed by the operator",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"log_format": schema.StringAttribute{
Description: "LogFormat describes the log format that should be used by the Repo Server. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.",
MarkdownDescription: "LogFormat describes the log format that should be used by the Repo Server. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.",
@@ -15903,6 +16046,15 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Description: "Server defines the options for the ArgoCD Server component.",
MarkdownDescription: "Server defines the options for the ArgoCD Server component.",
Attributes: map[string]schema.Attribute{
+ "annotations": schema.MapAttribute{
+ Description: "Custom annotations to pods deployed by the operator",
+ MarkdownDescription: "Custom annotations to pods deployed by the operator",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"autoscale": schema.SingleNestedAttribute{
Description: "Autoscale defines the autoscale options for the Argo CD Server component.",
MarkdownDescription: "Autoscale defines the autoscale options for the Argo CD Server component.",
@@ -17911,6 +18063,15 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Computed: false,
},
+ "labels": schema.MapAttribute{
+ Description: "Custom labels to pods deployed by the operator",
+ MarkdownDescription: "Custom labels to pods deployed by the operator",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"log_format": schema.StringAttribute{
Description: "LogFormat refers to the log level to be used by the ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.",
MarkdownDescription: "LogFormat refers to the log level to be used by the ArgoCD Server component. Defaults to ArgoCDDefaultLogFormat if not configured. Valid options are text or json.",
@@ -18032,8 +18193,8 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
},
"certificate": schema.StringAttribute{
- Description: "certificate provides certificate contents",
- MarkdownDescription: "certificate provides certificate contents",
+ Description: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
+ MarkdownDescription: "certificate provides certificate contents. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate.",
Required: false,
Optional: true,
Computed: false,
@@ -18047,12 +18208,32 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
Computed: false,
},
+ "external_certificate": schema.SingleNestedAttribute{
+ Description: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ MarkdownDescription: "externalCertificate provides certificate contents as a secret reference. This should be a single serving certificate, not a certificate chain. Do not include a CA certificate. The secret referenced should be present in the same namespace as that of the Route. Forbidden when 'certificate' is set.",
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"insecure_edge_termination_policy": schema.StringAttribute{
- Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
- MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (default) * Disable - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ Description: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
+ MarkdownDescription: "insecureEdgeTerminationPolicy indicates the desired behavior for insecure connections to a route. While each router may make its own decisions on which ports to expose, this is normally port 80. * Allow - traffic is sent to the server on the insecure port (edge/reencrypt terminations only) (default). * None - no traffic is allowed on the insecure port. * Redirect - clients are redirected to the secure port.",
Required: false,
Optional: true,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("Allow", "None", "Redirect", ""),
+ },
},
"key": schema.StringAttribute{
@@ -18064,11 +18245,14 @@ func (r *ArgoprojIoArgoCdV1Beta1Manifest) Schema(_ context.Context, _ datasource
},
"termination": schema.StringAttribute{
- Description: "termination indicates termination type.",
- MarkdownDescription: "termination indicates termination type.",
+ Description: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
+ MarkdownDescription: "termination indicates termination type. * edge - TLS termination is done by the router and http is used to communicate with the backend (default) * passthrough - Traffic is sent straight to the destination without the router providing TLS termination * reencrypt - TLS termination is done by the router and https is used to communicate with the backend Note: passthrough termination is incompatible with httpHeader actions",
Required: true,
Optional: false,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("edge", "reencrypt", "passthrough"),
+ },
},
},
Required: false,
diff --git a/internal/provider/camel_apache_org_v1/camel_apache_org_integration_profile_v1_manifest.go b/internal/provider/camel_apache_org_v1/camel_apache_org_integration_profile_v1_manifest.go
index 00be5660a..06533298c 100644
--- a/internal/provider/camel_apache_org_v1/camel_apache_org_integration_profile_v1_manifest.go
+++ b/internal/provider/camel_apache_org_v1/camel_apache_org_integration_profile_v1_manifest.go
@@ -483,8 +483,8 @@ func (r *CamelApacheOrgIntegrationProfileV1Manifest) Metadata(_ context.Context,
func (r *CamelApacheOrgIntegrationProfileV1Manifest) Schema(_ context.Context, _ datasource.SchemaRequest, response *datasource.SchemaResponse) {
response.Schema = schema.Schema{
- Description: "IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior. It defines the behavior of all Custom Resources ('IntegrationKit', 'Integration', 'Kamelet') in the given namespace.",
- MarkdownDescription: "IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior. It defines the behavior of all Custom Resources ('IntegrationKit', 'Integration', 'Kamelet') in the given namespace.",
+ Description: "IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior. It defines the behavior of all Custom Resources ('IntegrationKit', 'Integration', 'Kamelet') in the given namespace. Deprecated: may be removed in future releases. Make use of IntegrationPlatform instead.",
+ MarkdownDescription: "IntegrationProfile is the resource used to apply user defined settings to the Camel K operator behavior. It defines the behavior of all Custom Resources ('IntegrationKit', 'Integration', 'Kamelet') in the given namespace. Deprecated: may be removed in future releases. Make use of IntegrationPlatform instead.",
Attributes: map[string]schema.Attribute{
"yaml": schema.StringAttribute{
Description: "The generated manifest in YAML format.",
diff --git a/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_cluster_v1_manifest.go b/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_cluster_v1_manifest.go
index 03770ff2f..f5c96ba27 100644
--- a/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_cluster_v1_manifest.go
+++ b/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_cluster_v1_manifest.go
@@ -3217,8 +3217,8 @@ func (r *CephRookIoCephClusterV1Manifest) Schema(_ context.Context, _ datasource
},
"selectors": schema.MapAttribute{
- Description: "Selectors define NetworkAttachmentDefinitions to be used for Ceph public and/or cluster networks when the 'multus' network provider is used. This config section is not used for other network providers. Valid keys are 'public' and 'cluster'. Refer to Ceph networking documentation for more: https://docs.ceph.com/en/reef/rados/configuration/network-config-ref/ Refer to Multus network annotation documentation for help selecting values: https://github.com/k8snetworkplumbingwg/multus-cni/blob/master/docs/how-to-use.md#run-pod-with-network-annotation Rook will make a best-effort attempt to automatically detect CIDR address ranges for given network attachment definitions. Rook's methods are robust but may be imprecise for sufficiently complicated networks. Rook's auto-detection process obtains a new IP address lease for each CephCluster reconcile. If Rook fails to detect, incorrectly detects, only partially detects, or if underlying networks do not support reusing old IP addresses, it is best to use the 'addressRanges' config section to specify CIDR ranges for the Ceph cluster. As a contrived example, one can use a theoretical Kubernetes-wide network for Ceph client traffic and a theoretical Rook-only network for Ceph replication traffic as shown: selectors: public: 'default/cluster-fast-net' cluster: 'rook-ceph/ceph-backend-net'",
- MarkdownDescription: "Selectors define NetworkAttachmentDefinitions to be used for Ceph public and/or cluster networks when the 'multus' network provider is used. This config section is not used for other network providers. Valid keys are 'public' and 'cluster'. Refer to Ceph networking documentation for more: https://docs.ceph.com/en/reef/rados/configuration/network-config-ref/ Refer to Multus network annotation documentation for help selecting values: https://github.com/k8snetworkplumbingwg/multus-cni/blob/master/docs/how-to-use.md#run-pod-with-network-annotation Rook will make a best-effort attempt to automatically detect CIDR address ranges for given network attachment definitions. Rook's methods are robust but may be imprecise for sufficiently complicated networks. Rook's auto-detection process obtains a new IP address lease for each CephCluster reconcile. If Rook fails to detect, incorrectly detects, only partially detects, or if underlying networks do not support reusing old IP addresses, it is best to use the 'addressRanges' config section to specify CIDR ranges for the Ceph cluster. As a contrived example, one can use a theoretical Kubernetes-wide network for Ceph client traffic and a theoretical Rook-only network for Ceph replication traffic as shown: selectors: public: 'default/cluster-fast-net' cluster: 'rook-ceph/ceph-backend-net'",
+ Description: "Selectors define NetworkAttachmentDefinitions to be used for Ceph public and/or cluster networks when the 'multus' network provider is used. This config section is not used for other network providers. Valid keys are 'public' and 'cluster'. Refer to Ceph networking documentation for more: https://docs.ceph.com/en/latest/rados/configuration/network-config-ref/ Refer to Multus network annotation documentation for help selecting values: https://github.com/k8snetworkplumbingwg/multus-cni/blob/master/docs/how-to-use.md#run-pod-with-network-annotation Rook will make a best-effort attempt to automatically detect CIDR address ranges for given network attachment definitions. Rook's methods are robust but may be imprecise for sufficiently complicated networks. Rook's auto-detection process obtains a new IP address lease for each CephCluster reconcile. If Rook fails to detect, incorrectly detects, only partially detects, or if underlying networks do not support reusing old IP addresses, it is best to use the 'addressRanges' config section to specify CIDR ranges for the Ceph cluster. As a contrived example, one can use a theoretical Kubernetes-wide network for Ceph client traffic and a theoretical Rook-only network for Ceph replication traffic as shown: selectors: public: 'default/cluster-fast-net' cluster: 'rook-ceph/ceph-backend-net'",
+ MarkdownDescription: "Selectors define NetworkAttachmentDefinitions to be used for Ceph public and/or cluster networks when the 'multus' network provider is used. This config section is not used for other network providers. Valid keys are 'public' and 'cluster'. Refer to Ceph networking documentation for more: https://docs.ceph.com/en/latest/rados/configuration/network-config-ref/ Refer to Multus network annotation documentation for help selecting values: https://github.com/k8snetworkplumbingwg/multus-cni/blob/master/docs/how-to-use.md#run-pod-with-network-annotation Rook will make a best-effort attempt to automatically detect CIDR address ranges for given network attachment definitions. Rook's methods are robust but may be imprecise for sufficiently complicated networks. Rook's auto-detection process obtains a new IP address lease for each CephCluster reconcile. If Rook fails to detect, incorrectly detects, only partially detects, or if underlying networks do not support reusing old IP addresses, it is best to use the 'addressRanges' config section to specify CIDR ranges for the Ceph cluster. As a contrived example, one can use a theoretical Kubernetes-wide network for Ceph client traffic and a theoretical Rook-only network for Ceph replication traffic as shown: selectors: public: 'default/cluster-fast-net' cluster: 'rook-ceph/ceph-backend-net'",
ElementType: types.StringType,
Required: false,
Optional: true,
diff --git a/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_store_user_v1_manifest.go b/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_store_user_v1_manifest.go
index a20280179..60806e391 100644
--- a/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_store_user_v1_manifest.go
+++ b/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_store_user_v1_manifest.go
@@ -154,8 +154,8 @@ func (r *CephRookIoCephObjectStoreUserV1Manifest) Schema(_ context.Context, _ da
MarkdownDescription: "Additional admin-level capabilities for the Ceph object store user",
Attributes: map[string]schema.Attribute{
"amz_cache": schema.StringAttribute{
- Description: "Add capabilities for user to send request to RGW Cache API header. Documented in https://docs.ceph.com/en/quincy/radosgw/rgw-cache/#cache-api",
- MarkdownDescription: "Add capabilities for user to send request to RGW Cache API header. Documented in https://docs.ceph.com/en/quincy/radosgw/rgw-cache/#cache-api",
+ Description: "Add capabilities for user to send request to RGW Cache API header. Documented in https://docs.ceph.com/en/latest/radosgw/rgw-cache/#cache-api",
+ MarkdownDescription: "Add capabilities for user to send request to RGW Cache API header. Documented in https://docs.ceph.com/en/latest/radosgw/rgw-cache/#cache-api",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_store_v1_manifest.go b/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_store_v1_manifest.go
index 58f33a704..dc6f8d880 100644
--- a/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_store_v1_manifest.go
+++ b/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_store_v1_manifest.go
@@ -3405,8 +3405,8 @@ func (r *CephRookIoCephObjectStoreV1Manifest) Schema(_ context.Context, _ dataso
},
"dns_names": schema.ListAttribute{
- Description: "A list of DNS host names on which object store gateways will accept client S3 connections. When specified, object store gateways will reject client S3 connections to hostnames that are not present in this list, so include all endpoints. The object store's advertiseEndpoint and Kubernetes service endpoint, plus CephObjectZone 'customEndpoints' are automatically added to the list but may be set here again if desired. Each DNS name must be valid according RFC-1123. If the DNS name corresponds to an endpoint with DNS wildcard support, do not include the wildcard itself in the list of hostnames. E.g., use 'mystore.example.com' instead of '*.mystore.example.com'. The feature is supported only for Ceph v18 and later versions.",
- MarkdownDescription: "A list of DNS host names on which object store gateways will accept client S3 connections. When specified, object store gateways will reject client S3 connections to hostnames that are not present in this list, so include all endpoints. The object store's advertiseEndpoint and Kubernetes service endpoint, plus CephObjectZone 'customEndpoints' are automatically added to the list but may be set here again if desired. Each DNS name must be valid according RFC-1123. If the DNS name corresponds to an endpoint with DNS wildcard support, do not include the wildcard itself in the list of hostnames. E.g., use 'mystore.example.com' instead of '*.mystore.example.com'. The feature is supported only for Ceph v18 and later versions.",
+ Description: "A list of DNS host names on which object store gateways will accept client S3 connections. When specified, object store gateways will reject client S3 connections to hostnames that are not present in this list, so include all endpoints. The object store's advertiseEndpoint and Kubernetes service endpoint, plus CephObjectZone 'customEndpoints' are automatically added to the list but may be set here again if desired. Each DNS name must be valid according RFC-1123. If the DNS name corresponds to an endpoint with DNS wildcard support, do not include the wildcard itself in the list of hostnames. E.g., use 'mystore.example.com' instead of '*.mystore.example.com'.",
+ MarkdownDescription: "A list of DNS host names on which object store gateways will accept client S3 connections. When specified, object store gateways will reject client S3 connections to hostnames that are not present in this list, so include all endpoints. The object store's advertiseEndpoint and Kubernetes service endpoint, plus CephObjectZone 'customEndpoints' are automatically added to the list but may be set here again if desired. Each DNS name must be valid according RFC-1123. If the DNS name corresponds to an endpoint with DNS wildcard support, do not include the wildcard itself in the list of hostnames. E.g., use 'mystore.example.com' instead of '*.mystore.example.com'.",
ElementType: types.StringType,
Required: false,
Optional: true,
diff --git a/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_zone_v1_manifest.go b/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_zone_v1_manifest.go
index b0a14d175..afee57bfd 100644
--- a/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_zone_v1_manifest.go
+++ b/internal/provider/ceph_rook_io_v1/ceph_rook_io_ceph_object_zone_v1_manifest.go
@@ -605,8 +605,8 @@ func (r *CephRookIoCephObjectZoneV1Manifest) Schema(_ context.Context, _ datasou
Computed: false,
},
},
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -963,8 +963,8 @@ func (r *CephRookIoCephObjectZoneV1Manifest) Schema(_ context.Context, _ datasou
Computed: false,
},
},
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
diff --git a/internal/provider/chainsaw_kyverno_io_v1alpha1/chainsaw_kyverno_io_configuration_v1alpha1_manifest.go b/internal/provider/chainsaw_kyverno_io_v1alpha1/chainsaw_kyverno_io_configuration_v1alpha1_manifest.go
index d71599dc1..8deda8785 100644
--- a/internal/provider/chainsaw_kyverno_io_v1alpha1/chainsaw_kyverno_io_configuration_v1alpha1_manifest.go
+++ b/internal/provider/chainsaw_kyverno_io_v1alpha1/chainsaw_kyverno_io_configuration_v1alpha1_manifest.go
@@ -48,8 +48,9 @@ type ChainsawKyvernoIoConfigurationV1Alpha1ManifestData struct {
Command *struct {
Args *[]string `tfsdk:"args" json:"args,omitempty"`
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -59,22 +60,26 @@ type ChainsawKyvernoIoConfigurationV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Entrypoint *string `tfsdk:"entrypoint" json:"entrypoint,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
WorkDir *string `tfsdk:"work_dir" json:"workDir,omitempty"`
} `tfsdk:"command" json:"command,omitempty"`
- Delete *struct {
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Delete *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -153,8 +158,9 @@ type ChainsawKyvernoIoConfigurationV1Alpha1ManifestData struct {
} `tfsdk:"pod_logs" json:"podLogs,omitempty"`
Script *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -164,13 +170,15 @@ type ChainsawKyvernoIoConfigurationV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Content *string `tfsdk:"content" json:"content,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
@@ -209,6 +217,7 @@ type ChainsawKyvernoIoConfigurationV1Alpha1ManifestData struct {
Context *string `tfsdk:"context" json:"context,omitempty"`
Kubeconfig *string `tfsdk:"kubeconfig" json:"kubeconfig,omitempty"`
} `tfsdk:"clusters" json:"clusters,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
DelayBeforeCleanup *string `tfsdk:"delay_before_cleanup" json:"delayBeforeCleanup,omitempty"`
DeletionPropagationPolicy *string `tfsdk:"deletion_propagation_policy" json:"deletionPropagationPolicy,omitempty"`
ExcludeTestRegex *string `tfsdk:"exclude_test_regex" json:"excludeTestRegex,omitempty"`
@@ -218,6 +227,7 @@ type ChainsawKyvernoIoConfigurationV1Alpha1ManifestData struct {
IncludeTestRegex *string `tfsdk:"include_test_regex" json:"includeTestRegex,omitempty"`
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
NamespaceTemplate *map[string]string `tfsdk:"namespace_template" json:"namespaceTemplate,omitempty"`
+ NamespaceTemplateCompiler *string `tfsdk:"namespace_template_compiler" json:"namespaceTemplateCompiler,omitempty"`
Parallel *int64 `tfsdk:"parallel" json:"parallel,omitempty"`
RepeatCount *int64 `tfsdk:"repeat_count" json:"repeatCount,omitempty"`
ReportFormat *string `tfsdk:"report_format" json:"reportFormat,omitempty"`
@@ -325,6 +335,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -406,6 +427,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -437,6 +469,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -501,6 +544,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha1Manifest) Schema(_ context.Contex
Computed: false,
},
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"delete": schema.SingleNestedAttribute{
Description: "Delete represents a deletion operation.",
MarkdownDescription: "Delete represents a deletion operation.",
@@ -510,6 +564,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -1079,6 +1144,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -1160,6 +1236,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -1191,6 +1278,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -1472,6 +1570,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha1Manifest) Schema(_ context.Contex
Computed: false,
},
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"delay_before_cleanup": schema.StringAttribute{
Description: "DelayBeforeCleanup adds a delay between the time a test ends and the time cleanup starts.",
MarkdownDescription: "DelayBeforeCleanup adds a delay between the time a test ends and the time cleanup starts.",
@@ -1548,6 +1657,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha1Manifest) Schema(_ context.Contex
Computed: false,
},
+ "namespace_template_compiler": schema.StringAttribute{
+ Description: "NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"parallel": schema.Int64Attribute{
Description: "The maximum number of tests to run at once.",
MarkdownDescription: "The maximum number of tests to run at once.",
diff --git a/internal/provider/chainsaw_kyverno_io_v1alpha1/chainsaw_kyverno_io_test_v1alpha1_manifest.go b/internal/provider/chainsaw_kyverno_io_v1alpha1/chainsaw_kyverno_io_test_v1alpha1_manifest.go
index 39dfb6989..237fe2b8a 100644
--- a/internal/provider/chainsaw_kyverno_io_v1alpha1/chainsaw_kyverno_io_test_v1alpha1_manifest.go
+++ b/internal/provider/chainsaw_kyverno_io_v1alpha1/chainsaw_kyverno_io_test_v1alpha1_manifest.go
@@ -44,15 +44,17 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
Spec *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Catch *[]struct {
Command *struct {
Args *[]string `tfsdk:"args" json:"args,omitempty"`
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -62,22 +64,26 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Entrypoint *string `tfsdk:"entrypoint" json:"entrypoint,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
WorkDir *string `tfsdk:"work_dir" json:"workDir,omitempty"`
} `tfsdk:"command" json:"command,omitempty"`
- Delete *struct {
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Delete *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -156,8 +162,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"pod_logs" json:"podLogs,omitempty"`
Script *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -167,13 +174,15 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Content *string `tfsdk:"content" json:"content,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
@@ -213,6 +222,7 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
Context *string `tfsdk:"context" json:"context,omitempty"`
Kubeconfig *string `tfsdk:"kubeconfig" json:"kubeconfig,omitempty"`
} `tfsdk:"clusters" json:"clusters,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
Concurrent *bool `tfsdk:"concurrent" json:"concurrent,omitempty"`
DelayBeforeCleanup *string `tfsdk:"delay_before_cleanup" json:"delayBeforeCleanup,omitempty"`
DeletionPropagationPolicy *string `tfsdk:"deletion_propagation_policy" json:"deletionPropagationPolicy,omitempty"`
@@ -221,25 +231,29 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
ForceTerminationGracePeriod *string `tfsdk:"force_termination_grace_period" json:"forceTerminationGracePeriod,omitempty"`
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
NamespaceTemplate *map[string]string `tfsdk:"namespace_template" json:"namespaceTemplate,omitempty"`
+ NamespaceTemplateCompiler *string `tfsdk:"namespace_template_compiler" json:"namespaceTemplateCompiler,omitempty"`
Scenarios *[]struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
} `tfsdk:"scenarios" json:"scenarios,omitempty"`
Skip *bool `tfsdk:"skip" json:"skip,omitempty"`
SkipDelete *bool `tfsdk:"skip_delete" json:"skipDelete,omitempty"`
Steps *[]struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Catch *[]struct {
Command *struct {
Args *[]string `tfsdk:"args" json:"args,omitempty"`
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -249,22 +263,26 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Entrypoint *string `tfsdk:"entrypoint" json:"entrypoint,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
WorkDir *string `tfsdk:"work_dir" json:"workDir,omitempty"`
} `tfsdk:"command" json:"command,omitempty"`
- Delete *struct {
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Delete *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -343,8 +361,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"pod_logs" json:"podLogs,omitempty"`
Script *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -354,13 +373,15 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Content *string `tfsdk:"content" json:"content,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
@@ -399,8 +420,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
Command *struct {
Args *[]string `tfsdk:"args" json:"args,omitempty"`
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -410,22 +432,26 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Entrypoint *string `tfsdk:"entrypoint" json:"entrypoint,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
WorkDir *string `tfsdk:"work_dir" json:"workDir,omitempty"`
} `tfsdk:"command" json:"command,omitempty"`
- Delete *struct {
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Delete *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -504,8 +530,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"pod_logs" json:"podLogs,omitempty"`
Script *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -515,13 +542,15 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Content *string `tfsdk:"content" json:"content,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
@@ -561,14 +590,16 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
Context *string `tfsdk:"context" json:"context,omitempty"`
Kubeconfig *string `tfsdk:"kubeconfig" json:"kubeconfig,omitempty"`
} `tfsdk:"clusters" json:"clusters,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
DeletionPropagationPolicy *string `tfsdk:"deletion_propagation_policy" json:"deletionPropagationPolicy,omitempty"`
Description *string `tfsdk:"description" json:"description,omitempty"`
Finally *[]struct {
Command *struct {
Args *[]string `tfsdk:"args" json:"args,omitempty"`
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -578,22 +609,26 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Entrypoint *string `tfsdk:"entrypoint" json:"entrypoint,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
WorkDir *string `tfsdk:"work_dir" json:"workDir,omitempty"`
} `tfsdk:"command" json:"command,omitempty"`
- Delete *struct {
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Delete *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -672,8 +707,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"pod_logs" json:"podLogs,omitempty"`
Script *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -683,13 +719,15 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Content *string `tfsdk:"content" json:"content,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
@@ -738,8 +776,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
Try *[]struct {
Apply *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -753,9 +792,10 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"expect" json:"expect,omitempty"`
File *string `tfsdk:"file" json:"file,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
Resource *map[string]string `tfsdk:"resource" json:"resource,omitempty"`
Template *bool `tfsdk:"template" json:"template,omitempty"`
@@ -763,8 +803,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"apply" json:"apply,omitempty"`
Assert *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -779,8 +820,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
Command *struct {
Args *[]string `tfsdk:"args" json:"args,omitempty"`
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -790,23 +832,27 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Entrypoint *string `tfsdk:"entrypoint" json:"entrypoint,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
WorkDir *string `tfsdk:"work_dir" json:"workDir,omitempty"`
} `tfsdk:"command" json:"command,omitempty"`
- ContinueOnError *bool `tfsdk:"continue_on_error" json:"continueOnError,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ ContinueOnError *bool `tfsdk:"continue_on_error" json:"continueOnError,omitempty"`
Create *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -820,9 +866,10 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"expect" json:"expect,omitempty"`
File *string `tfsdk:"file" json:"file,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
Resource *map[string]string `tfsdk:"resource" json:"resource,omitempty"`
Template *bool `tfsdk:"template" json:"template,omitempty"`
@@ -830,8 +877,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"create" json:"create,omitempty"`
Delete *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -871,8 +919,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
Description *string `tfsdk:"description" json:"description,omitempty"`
Error *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -912,8 +961,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"get" json:"get,omitempty"`
Patch *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -927,9 +977,10 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"expect" json:"expect,omitempty"`
File *string `tfsdk:"file" json:"file,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
Resource *map[string]string `tfsdk:"resource" json:"resource,omitempty"`
Template *bool `tfsdk:"template" json:"template,omitempty"`
@@ -959,9 +1010,10 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
Path *string `tfsdk:"path" json:"path,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -969,8 +1021,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"proxy" json:"proxy,omitempty"`
Script *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -980,13 +1033,15 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Content *string `tfsdk:"content" json:"content,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
@@ -997,8 +1052,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"sleep" json:"sleep,omitempty"`
Update *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -1012,9 +1068,10 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
} `tfsdk:"expect" json:"expect,omitempty"`
File *string `tfsdk:"file" json:"file,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
Resource *map[string]string `tfsdk:"resource" json:"resource,omitempty"`
Template *bool `tfsdk:"template" json:"template,omitempty"`
@@ -1050,8 +1107,9 @@ type ChainsawKyvernoIoTestV1Alpha1ManifestData struct {
Template *string `tfsdk:"template" json:"template,omitempty"`
With *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
} `tfsdk:"with" json:"with,omitempty"`
} `tfsdk:"use" json:"use,omitempty"`
@@ -1138,6 +1196,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -1187,6 +1256,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -1268,6 +1348,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -1299,6 +1390,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -1363,6 +1465,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
Computed: false,
},
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"delete": schema.SingleNestedAttribute{
Description: "Delete represents a deletion operation.",
MarkdownDescription: "Delete represents a deletion operation.",
@@ -1372,6 +1485,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -1941,6 +2065,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -2022,6 +2157,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -2053,6 +2199,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -2342,6 +2499,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
Computed: false,
},
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"concurrent": schema.BoolAttribute{
Description: "Concurrent determines whether the test should run concurrently with other tests.",
MarkdownDescription: "Concurrent determines whether the test should run concurrently with other tests.",
@@ -2410,6 +2578,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
Computed: false,
},
+ "namespace_template_compiler": schema.StringAttribute{
+ Description: "NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "NamespaceTemplateCompiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"scenarios": schema.ListNestedAttribute{
Description: "Scenarios defines test scenarios.",
MarkdownDescription: "Scenarios defines test scenarios.",
@@ -2420,6 +2599,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -2478,6 +2668,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -2527,6 +2728,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -2608,6 +2820,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -2639,6 +2862,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -2703,6 +2937,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
Computed: false,
},
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"delete": schema.SingleNestedAttribute{
Description: "Delete represents a deletion operation.",
MarkdownDescription: "Delete represents a deletion operation.",
@@ -2712,6 +2957,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -3281,6 +3537,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -3362,6 +3629,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -3393,6 +3671,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -3672,6 +3961,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -3753,6 +4053,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -3784,6 +4095,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -3848,6 +4170,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
Computed: false,
},
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"delete": schema.SingleNestedAttribute{
Description: "Delete represents a deletion operation.",
MarkdownDescription: "Delete represents a deletion operation.",
@@ -3857,6 +4190,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -4426,6 +4770,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -4507,6 +4862,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -4538,6 +4904,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -4827,6 +5204,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
Computed: false,
},
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"deletion_propagation_policy": schema.StringAttribute{
Description: "DeletionPropagationPolicy decides if a deletion will propagate to the dependents of the object, and how the garbage collector will handle the propagation. Overrides the deletion propagation policy set in both the Configuration and the Test.",
MarkdownDescription: "DeletionPropagationPolicy decides if a deletion will propagate to the dependents of the object, and how the garbage collector will handle the propagation. Overrides the deletion propagation policy set in both the Configuration and the Test.",
@@ -4869,6 +5257,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -4950,6 +5349,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -4981,6 +5391,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -5045,6 +5466,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
Computed: false,
},
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"delete": schema.SingleNestedAttribute{
Description: "Delete represents a deletion operation.",
MarkdownDescription: "Delete represents a deletion operation.",
@@ -5054,6 +5486,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -5623,6 +6066,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -5704,6 +6158,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -5735,6 +6200,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -6086,6 +6562,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -6195,6 +6682,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -6269,6 +6767,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -6384,6 +6893,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -6465,6 +6985,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -6496,6 +7027,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -6560,6 +7102,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
Computed: false,
},
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"continue_on_error": schema.BoolAttribute{
Description: "ContinueOnError determines whether a test should continue or not in case the operation was not successful. Even if the test continues executing, it will still be reported as failed.",
MarkdownDescription: "ContinueOnError determines whether a test should continue or not in case the operation was not successful. Even if the test continues executing, it will still be reported as failed.",
@@ -6577,6 +7130,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -6686,6 +7250,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -6760,6 +7335,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -7053,6 +7639,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -7345,6 +7942,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -7454,6 +8062,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -7683,6 +8302,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -7756,6 +8386,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -7837,6 +8478,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -7868,6 +8520,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -7958,6 +8621,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -8067,6 +8741,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -8328,6 +9013,17 @@ func (r *ChainsawKyvernoIoTestV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
diff --git a/internal/provider/chainsaw_kyverno_io_v1alpha2/chainsaw_kyverno_io_configuration_v1alpha2_manifest.go b/internal/provider/chainsaw_kyverno_io_v1alpha2/chainsaw_kyverno_io_configuration_v1alpha2_manifest.go
index fcfe9caae..a9b9844f5 100644
--- a/internal/provider/chainsaw_kyverno_io_v1alpha2/chainsaw_kyverno_io_configuration_v1alpha2_manifest.go
+++ b/internal/provider/chainsaw_kyverno_io_v1alpha2/chainsaw_kyverno_io_configuration_v1alpha2_manifest.go
@@ -66,8 +66,9 @@ type ChainsawKyvernoIoConfigurationV1Alpha2ManifestData struct {
Command *struct {
Args *[]string `tfsdk:"args" json:"args,omitempty"`
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -77,22 +78,26 @@ type ChainsawKyvernoIoConfigurationV1Alpha2ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Entrypoint *string `tfsdk:"entrypoint" json:"entrypoint,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
WorkDir *string `tfsdk:"work_dir" json:"workDir,omitempty"`
} `tfsdk:"command" json:"command,omitempty"`
- Delete *struct {
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Delete *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Clusters *struct {
@@ -171,8 +176,9 @@ type ChainsawKyvernoIoConfigurationV1Alpha2ManifestData struct {
} `tfsdk:"pod_logs" json:"podLogs,omitempty"`
Script *struct {
Bindings *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"bindings" json:"bindings,omitempty"`
Check *map[string]string `tfsdk:"check" json:"check,omitempty"`
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
@@ -182,13 +188,15 @@ type ChainsawKyvernoIoConfigurationV1Alpha2ManifestData struct {
} `tfsdk:"clusters" json:"clusters,omitempty"`
Content *string `tfsdk:"content" json:"content,omitempty"`
Env *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"env" json:"env,omitempty"`
Outputs *[]struct {
- Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Match *map[string]string `tfsdk:"match" json:"match,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *map[string]string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"outputs" json:"outputs,omitempty"`
SkipLogOutput *bool `tfsdk:"skip_log_output" json:"skipLogOutput,omitempty"`
Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
@@ -231,6 +239,7 @@ type ChainsawKyvernoIoConfigurationV1Alpha2ManifestData struct {
RepeatCount *int64 `tfsdk:"repeat_count" json:"repeatCount,omitempty"`
} `tfsdk:"execution" json:"execution,omitempty"`
Namespace *struct {
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
Name *string `tfsdk:"name" json:"name,omitempty"`
Template *map[string]string `tfsdk:"template" json:"template,omitempty"`
} `tfsdk:"namespace" json:"namespace,omitempty"`
@@ -240,7 +249,8 @@ type ChainsawKyvernoIoConfigurationV1Alpha2ManifestData struct {
Path *string `tfsdk:"path" json:"path,omitempty"`
} `tfsdk:"report" json:"report,omitempty"`
Templating *struct {
- Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
+ Compiler *string `tfsdk:"compiler" json:"compiler,omitempty"`
+ Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
} `tfsdk:"templating" json:"templating,omitempty"`
Timeouts *struct {
Apply *string `tfsdk:"apply" json:"apply,omitempty"`
@@ -456,6 +466,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha2Manifest) Schema(_ context.Contex
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -537,6 +558,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha2Manifest) Schema(_ context.Contex
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -568,6 +600,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha2Manifest) Schema(_ context.Contex
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -632,6 +675,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha2Manifest) Schema(_ context.Contex
Computed: false,
},
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"delete": schema.SingleNestedAttribute{
Description: "Delete represents a deletion operation.",
MarkdownDescription: "Delete represents a deletion operation.",
@@ -641,6 +695,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha2Manifest) Schema(_ context.Contex
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -1210,6 +1275,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha2Manifest) Schema(_ context.Contex
MarkdownDescription: "Bindings defines additional binding key/values.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -1291,6 +1367,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha2Manifest) Schema(_ context.Contex
MarkdownDescription: "Env defines additional environment variables.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name the name of the binding.",
MarkdownDescription: "Name the name of the binding.",
@@ -1322,6 +1409,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha2Manifest) Schema(_ context.Contex
MarkdownDescription: "Outputs defines output bindings.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"match": schema.MapAttribute{
Description: "Match defines the matching statement.",
MarkdownDescription: "Match defines the matching statement.",
@@ -1634,6 +1732,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha2Manifest) Schema(_ context.Contex
Description: "Namespace contains properties for the namespace to use for tests.",
MarkdownDescription: "Namespace contains properties for the namespace to use for tests.",
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"name": schema.StringAttribute{
Description: "Name defines the namespace to use for tests. If not specified, every test will execute in a random ephemeral namespace unless the namespace is overridden in a the test spec.",
MarkdownDescription: "Name defines the namespace to use for tests. If not specified, every test will execute in a random ephemeral namespace unless the namespace is overridden in a the test spec.",
@@ -1696,6 +1805,17 @@ func (r *ChainsawKyvernoIoConfigurationV1Alpha2Manifest) Schema(_ context.Contex
Description: "Templating contains the templating config.",
MarkdownDescription: "Templating contains the templating config.",
Attributes: map[string]schema.Attribute{
+ "compiler": schema.StringAttribute{
+ Description: "Compiler defines the default compiler to use when evaluating expressions.",
+ MarkdownDescription: "Compiler defines the default compiler to use when evaluating expressions.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("jp", "cel"),
+ },
+ },
+
"enabled": schema.BoolAttribute{
Description: "Enabled determines whether resources should be considered for templating.",
MarkdownDescription: "Enabled determines whether resources should be considered for templating.",
diff --git a/internal/provider/cilium_io_v2/cilium_io_cilium_node_v2_manifest.go b/internal/provider/cilium_io_v2/cilium_io_cilium_node_v2_manifest.go
index 9fc794d5c..3d390e9c2 100644
--- a/internal/provider/cilium_io_v2/cilium_io_cilium_node_v2_manifest.go
+++ b/internal/provider/cilium_io_v2/cilium_io_cilium_node_v2_manifest.go
@@ -118,7 +118,8 @@ type CiliumIoCiliumNodeV2ManifestData struct {
Pool *string `tfsdk:"pool" json:"pool,omitempty"`
} `tfsdk:"requested" json:"requested,omitempty"`
} `tfsdk:"pools" json:"pools,omitempty"`
- Pre_allocate *int64 `tfsdk:"pre_allocate" json:"pre-allocate,omitempty"`
+ Pre_allocate *int64 `tfsdk:"pre_allocate" json:"pre-allocate,omitempty"`
+ Static_ip_tags *map[string]string `tfsdk:"static_ip_tags" json:"static-ip-tags,omitempty"`
} `tfsdk:"ipam" json:"ipam,omitempty"`
Nodeidentity *int64 `tfsdk:"nodeidentity" json:"nodeidentity,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
@@ -748,6 +749,15 @@ func (r *CiliumIoCiliumNodeV2Manifest) Schema(_ context.Context, _ datasource.Sc
int64validator.AtLeast(0),
},
},
+
+ "static_ip_tags": schema.MapAttribute{
+ Description: "StaticIPTags are used to determine the pool of IPs from which to attribute a static IP to the node. For example in AWS this is used to filter Elastic IP Addresses.",
+ MarkdownDescription: "StaticIPTags are used to determine the pool of IPs from which to attribute a static IP to the node. For example in AWS this is used to filter Elastic IP Addresses.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
Required: false,
Optional: true,
diff --git a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_cluster_class_v1beta1_manifest.go b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_cluster_class_v1beta1_manifest.go
index c795fb1f3..6309c056c 100644
--- a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_cluster_class_v1beta1_manifest.go
+++ b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_cluster_class_v1beta1_manifest.go
@@ -152,6 +152,8 @@ type ClusterXK8SIoClusterClassV1Beta1ManifestData struct {
Schema *struct {
OpenAPIV3Schema *struct {
AdditionalProperties *map[string]string `tfsdk:"additional_properties" json:"additionalProperties,omitempty"`
+ AllOf *map[string]string `tfsdk:"all_of" json:"allOf,omitempty"`
+ AnyOf *map[string]string `tfsdk:"any_of" json:"anyOf,omitempty"`
Default *map[string]string `tfsdk:"default" json:"default,omitempty"`
Description *string `tfsdk:"description" json:"description,omitempty"`
Enum *[]string `tfsdk:"enum" json:"enum,omitempty"`
@@ -168,11 +170,14 @@ type ClusterXK8SIoClusterClassV1Beta1ManifestData struct {
MinLength *int64 `tfsdk:"min_length" json:"minLength,omitempty"`
MinProperties *int64 `tfsdk:"min_properties" json:"minProperties,omitempty"`
Minimum *int64 `tfsdk:"minimum" json:"minimum,omitempty"`
+ Not *map[string]string `tfsdk:"not" json:"not,omitempty"`
+ OneOf *map[string]string `tfsdk:"one_of" json:"oneOf,omitempty"`
Pattern *string `tfsdk:"pattern" json:"pattern,omitempty"`
Properties *map[string]string `tfsdk:"properties" json:"properties,omitempty"`
Required *[]string `tfsdk:"required" json:"required,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
UniqueItems *bool `tfsdk:"unique_items" json:"uniqueItems,omitempty"`
+ X_kubernetes_int_or_string *bool `tfsdk:"x_kubernetes_int_or_string" json:"x-kubernetes-int-or-string,omitempty"`
X_kubernetes_preserve_unknown_fields *bool `tfsdk:"x_kubernetes_preserve_unknown_fields" json:"x-kubernetes-preserve-unknown-fields,omitempty"`
X_kubernetes_validations *[]struct {
FieldPath *string `tfsdk:"field_path" json:"fieldPath,omitempty"`
@@ -1110,6 +1115,24 @@ func (r *ClusterXK8SIoClusterClassV1Beta1Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "all_of": schema.MapAttribute{
+ Description: "AllOf specifies that the variable must validate against all of the subschemas in the array. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.",
+ MarkdownDescription: "AllOf specifies that the variable must validate against all of the subschemas in the array. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "any_of": schema.MapAttribute{
+ Description: "AnyOf specifies that the variable must validate against one or more of the subschemas in the array. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.",
+ MarkdownDescription: "AnyOf specifies that the variable must validate against one or more of the subschemas in the array. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"default": schema.MapAttribute{
Description: "Default is the default value of the variable. NOTE: Can be set for all types.",
MarkdownDescription: "Default is the default value of the variable. NOTE: Can be set for all types.",
@@ -1242,6 +1265,24 @@ func (r *ClusterXK8SIoClusterClassV1Beta1Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "not": schema.MapAttribute{
+ Description: "Not specifies that the variable must not validate against the subschema. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.",
+ MarkdownDescription: "Not specifies that the variable must not validate against the subschema. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "one_of": schema.MapAttribute{
+ Description: "OneOf specifies that the variable must validate against exactly one of the subschemas in the array. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.",
+ MarkdownDescription: "OneOf specifies that the variable must validate against exactly one of the subschemas in the array. NOTE: This field uses PreserveUnknownFields and Schemaless, because recursive validation is not possible.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"pattern": schema.StringAttribute{
Description: "Pattern is the regex which a string variable must match. NOTE: Can only be set if type is string.",
MarkdownDescription: "Pattern is the regex which a string variable must match. NOTE: Can only be set if type is string.",
@@ -1284,6 +1325,14 @@ func (r *ClusterXK8SIoClusterClassV1Beta1Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "x_kubernetes_int_or_string": schema.BoolAttribute{
+ Description: "x-kubernetes-int-or-string specifies that this value is either an integer or a string. If this is true, an empty type is allowed and type as child of anyOf is permitted if following one of the following patterns: 1) anyOf: - type: integer - type: string 2) allOf: - anyOf: - type: integer - type: string - ... zero or more",
+ MarkdownDescription: "x-kubernetes-int-or-string specifies that this value is either an integer or a string. If this is true, an empty type is allowed and type as child of anyOf is permitted if following one of the following patterns: 1) anyOf: - type: integer - type: string 2) allOf: - anyOf: - type: integer - type: string - ... zero or more",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"x_kubernetes_preserve_unknown_fields": schema.BoolAttribute{
Description: "XPreserveUnknownFields allows setting fields in a variable object which are not defined in the variable schema. This affects fields recursively, except if nested properties or additionalProperties are specified in the schema.",
MarkdownDescription: "XPreserveUnknownFields allows setting fields in a variable object which are not defined in the variable schema. This affects fields recursively, except if nested properties or additionalProperties are specified in the schema.",
diff --git a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_cluster_v1beta1_manifest.go b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_cluster_v1beta1_manifest.go
index 4114bf987..3bc12d7ba 100644
--- a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_cluster_v1beta1_manifest.go
+++ b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_cluster_v1beta1_manifest.go
@@ -44,6 +44,9 @@ type ClusterXK8SIoClusterV1Beta1ManifestData struct {
} `tfsdk:"metadata" json:"metadata"`
Spec *struct {
+ AvailabilityGates *[]struct {
+ ConditionType *string `tfsdk:"condition_type" json:"conditionType,omitempty"`
+ } `tfsdk:"availability_gates" json:"availabilityGates,omitempty"`
ClusterNetwork *struct {
ApiServerPort *int64 `tfsdk:"api_server_port" json:"apiServerPort,omitempty"`
Pods *struct {
@@ -279,6 +282,30 @@ func (r *ClusterXK8SIoClusterV1Beta1Manifest) Schema(_ context.Context, _ dataso
Description: "ClusterSpec defines the desired state of Cluster.",
MarkdownDescription: "ClusterSpec defines the desired state of Cluster.",
Attributes: map[string]schema.Attribute{
+ "availability_gates": schema.ListNestedAttribute{
+ Description: "availabilityGates specifies additional conditions to include when evaluating Cluster Available condition. NOTE: this field is considered only for computing v1beta2 conditions.",
+ MarkdownDescription: "availabilityGates specifies additional conditions to include when evaluating Cluster Available condition. NOTE: this field is considered only for computing v1beta2 conditions.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "condition_type": schema.StringAttribute{
+ Description: "conditionType refers to a positive polarity condition (status true means good) with matching type in the Cluster's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as availability gates.",
+ MarkdownDescription: "conditionType refers to a positive polarity condition (status true means good) with matching type in the Cluster's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as availability gates.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.LengthAtLeast(1),
+ stringvalidator.LengthAtMost(316),
+ stringvalidator.RegexMatches(regexp.MustCompile(`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$`), ""),
+ },
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"cluster_network": schema.SingleNestedAttribute{
Description: "Cluster network configuration.",
MarkdownDescription: "Cluster network configuration.",
diff --git a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.go b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.go
index 0c6c70d28..501e4c094 100644
--- a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.go
+++ b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_deployment_v1beta1_manifest.go
@@ -16,6 +16,7 @@ import (
"github.com/metio/terraform-provider-k8s/internal/utilities"
"github.com/metio/terraform-provider-k8s/internal/validators"
"k8s.io/utils/pointer"
+ "regexp"
"sigs.k8s.io/yaml"
)
@@ -102,7 +103,10 @@ type ClusterXK8SIoMachineDeploymentV1Beta1ManifestData struct {
NodeDrainTimeout *string `tfsdk:"node_drain_timeout" json:"nodeDrainTimeout,omitempty"`
NodeVolumeDetachTimeout *string `tfsdk:"node_volume_detach_timeout" json:"nodeVolumeDetachTimeout,omitempty"`
ProviderID *string `tfsdk:"provider_id" json:"providerID,omitempty"`
- Version *string `tfsdk:"version" json:"version,omitempty"`
+ ReadinessGates *[]struct {
+ ConditionType *string `tfsdk:"condition_type" json:"conditionType,omitempty"`
+ } `tfsdk:"readiness_gates" json:"readinessGates,omitempty"`
+ Version *string `tfsdk:"version" json:"version,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"template" json:"template,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
@@ -607,6 +611,30 @@ func (r *ClusterXK8SIoMachineDeploymentV1Beta1Manifest) Schema(_ context.Context
Computed: false,
},
+ "readiness_gates": schema.ListNestedAttribute{
+ Description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions.",
+ MarkdownDescription: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "condition_type": schema.StringAttribute{
+ Description: "conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.",
+ MarkdownDescription: "conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.LengthAtLeast(1),
+ stringvalidator.LengthAtMost(316),
+ stringvalidator.RegexMatches(regexp.MustCompile(`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$`), ""),
+ },
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"version": schema.StringAttribute{
Description: "Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.",
MarkdownDescription: "Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.",
diff --git a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_pool_v1beta1_manifest.go b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_pool_v1beta1_manifest.go
index 1bf1f378f..bbd8cd5af 100644
--- a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_pool_v1beta1_manifest.go
+++ b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_pool_v1beta1_manifest.go
@@ -16,6 +16,7 @@ import (
"github.com/metio/terraform-provider-k8s/internal/utilities"
"github.com/metio/terraform-provider-k8s/internal/validators"
"k8s.io/utils/pointer"
+ "regexp"
"sigs.k8s.io/yaml"
)
@@ -81,7 +82,10 @@ type ClusterXK8SIoMachinePoolV1Beta1ManifestData struct {
NodeDrainTimeout *string `tfsdk:"node_drain_timeout" json:"nodeDrainTimeout,omitempty"`
NodeVolumeDetachTimeout *string `tfsdk:"node_volume_detach_timeout" json:"nodeVolumeDetachTimeout,omitempty"`
ProviderID *string `tfsdk:"provider_id" json:"providerID,omitempty"`
- Version *string `tfsdk:"version" json:"version,omitempty"`
+ ReadinessGates *[]struct {
+ ConditionType *string `tfsdk:"condition_type" json:"conditionType,omitempty"`
+ } `tfsdk:"readiness_gates" json:"readinessGates,omitempty"`
+ Version *string `tfsdk:"version" json:"version,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"template" json:"template,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
@@ -442,6 +446,30 @@ func (r *ClusterXK8SIoMachinePoolV1Beta1Manifest) Schema(_ context.Context, _ da
Computed: false,
},
+ "readiness_gates": schema.ListNestedAttribute{
+ Description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions.",
+ MarkdownDescription: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "condition_type": schema.StringAttribute{
+ Description: "conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.",
+ MarkdownDescription: "conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.LengthAtLeast(1),
+ stringvalidator.LengthAtMost(316),
+ stringvalidator.RegexMatches(regexp.MustCompile(`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$`), ""),
+ },
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"version": schema.StringAttribute{
Description: "Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.",
MarkdownDescription: "Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.",
diff --git a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_set_v1beta1_manifest.go b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_set_v1beta1_manifest.go
index 48ed6930d..35235c395 100644
--- a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_set_v1beta1_manifest.go
+++ b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_set_v1beta1_manifest.go
@@ -16,6 +16,7 @@ import (
"github.com/metio/terraform-provider-k8s/internal/utilities"
"github.com/metio/terraform-provider-k8s/internal/validators"
"k8s.io/utils/pointer"
+ "regexp"
"sigs.k8s.io/yaml"
)
@@ -88,7 +89,10 @@ type ClusterXK8SIoMachineSetV1Beta1ManifestData struct {
NodeDrainTimeout *string `tfsdk:"node_drain_timeout" json:"nodeDrainTimeout,omitempty"`
NodeVolumeDetachTimeout *string `tfsdk:"node_volume_detach_timeout" json:"nodeVolumeDetachTimeout,omitempty"`
ProviderID *string `tfsdk:"provider_id" json:"providerID,omitempty"`
- Version *string `tfsdk:"version" json:"version,omitempty"`
+ ReadinessGates *[]struct {
+ ConditionType *string `tfsdk:"condition_type" json:"conditionType,omitempty"`
+ } `tfsdk:"readiness_gates" json:"readinessGates,omitempty"`
+ Version *string `tfsdk:"version" json:"version,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"template" json:"template,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
@@ -496,6 +500,30 @@ func (r *ClusterXK8SIoMachineSetV1Beta1Manifest) Schema(_ context.Context, _ dat
Computed: false,
},
+ "readiness_gates": schema.ListNestedAttribute{
+ Description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions.",
+ MarkdownDescription: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "condition_type": schema.StringAttribute{
+ Description: "conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.",
+ MarkdownDescription: "conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.LengthAtLeast(1),
+ stringvalidator.LengthAtMost(316),
+ stringvalidator.RegexMatches(regexp.MustCompile(`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$`), ""),
+ },
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"version": schema.StringAttribute{
Description: "Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.",
MarkdownDescription: "Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.",
diff --git a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_v1beta1_manifest.go b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_v1beta1_manifest.go
index 8b793ef75..484b9d5b9 100644
--- a/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_v1beta1_manifest.go
+++ b/internal/provider/cluster_x_k8s_io_v1beta1/cluster_x_k8s_io_machine_v1beta1_manifest.go
@@ -16,6 +16,7 @@ import (
"github.com/metio/terraform-provider-k8s/internal/utilities"
"github.com/metio/terraform-provider-k8s/internal/validators"
"k8s.io/utils/pointer"
+ "regexp"
"sigs.k8s.io/yaml"
)
@@ -70,7 +71,10 @@ type ClusterXK8SIoMachineV1Beta1ManifestData struct {
NodeDrainTimeout *string `tfsdk:"node_drain_timeout" json:"nodeDrainTimeout,omitempty"`
NodeVolumeDetachTimeout *string `tfsdk:"node_volume_detach_timeout" json:"nodeVolumeDetachTimeout,omitempty"`
ProviderID *string `tfsdk:"provider_id" json:"providerID,omitempty"`
- Version *string `tfsdk:"version" json:"version,omitempty"`
+ ReadinessGates *[]struct {
+ ConditionType *string `tfsdk:"condition_type" json:"conditionType,omitempty"`
+ } `tfsdk:"readiness_gates" json:"readinessGates,omitempty"`
+ Version *string `tfsdk:"version" json:"version,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
}
@@ -349,6 +353,30 @@ func (r *ClusterXK8SIoMachineV1Beta1Manifest) Schema(_ context.Context, _ dataso
Computed: false,
},
+ "readiness_gates": schema.ListNestedAttribute{
+ Description: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions.",
+ MarkdownDescription: "readinessGates specifies additional conditions to include when evaluating Machine Ready condition. This field can be used e.g. by Cluster API control plane providers to extend the semantic of the Ready condition for the Machine they control, like the kubeadm control provider adding ReadinessGates for the APIServerPodHealthy, SchedulerPodHealthy conditions, etc. Another example are external controllers, e.g. responsible to install special software/hardware on the Machines; they can include the status of those components with a new condition and add this condition to ReadinessGates. NOTE: this field is considered only for computing v1beta2 conditions.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "condition_type": schema.StringAttribute{
+ Description: "conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.",
+ MarkdownDescription: "conditionType refers to a positive polarity condition (status true means good) with matching type in the Machine's condition list. If the conditions doesn't exist, it will be treated as unknown. Note: Both Cluster API conditions or conditions added by 3rd party controllers can be used as readiness gates.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.LengthAtLeast(1),
+ stringvalidator.LengthAtMost(316),
+ stringvalidator.RegexMatches(regexp.MustCompile(`^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$`), ""),
+ },
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"version": schema.StringAttribute{
Description: "Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.",
MarkdownDescription: "Version defines the desired Kubernetes version. This field is meant to be optionally used by bootstrap providers.",
diff --git a/internal/provider/confidentialcontainers_org_v1beta1/confidentialcontainers_org_cc_runtime_v1beta1_manifest.go b/internal/provider/confidentialcontainers_org_v1beta1/confidentialcontainers_org_cc_runtime_v1beta1_manifest.go
index 456e28c89..0f3788bad 100644
--- a/internal/provider/confidentialcontainers_org_v1beta1/confidentialcontainers_org_cc_runtime_v1beta1_manifest.go
+++ b/internal/provider/confidentialcontainers_org_v1beta1/confidentialcontainers_org_cc_runtime_v1beta1_manifest.go
@@ -89,12 +89,13 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
InstallDoneLabel *map[string]string `tfsdk:"install_done_label" json:"installDoneLabel,omitempty"`
InstallType *string `tfsdk:"install_type" json:"installType,omitempty"`
InstallerVolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"installer_volume_mounts" json:"installerVolumeMounts,omitempty"`
InstallerVolumes *[]struct {
AwsElasticBlockStore *struct {
@@ -190,9 +191,6 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -204,9 +202,10 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -287,6 +286,20 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -418,12 +431,13 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
} `tfsdk:"environment_variables" json:"environmentVariables,omitempty"`
Image *string `tfsdk:"image" json:"image,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
Volumes *[]struct {
AwsElasticBlockStore *struct {
@@ -519,9 +533,6 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -533,9 +544,10 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -616,6 +628,20 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -746,12 +772,13 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
} `tfsdk:"environment_variables" json:"environmentVariables,omitempty"`
Image *string `tfsdk:"image" json:"image,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
Volumes *[]struct {
AwsElasticBlockStore *struct {
@@ -847,9 +874,6 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -861,9 +885,10 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -944,6 +969,20 @@ type ConfidentialcontainersOrgCcRuntimeV1Beta1ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1186,8 +1225,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "This specifies the registry secret to pull of the container images",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -1261,8 +1300,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -1352,8 +1391,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -1450,8 +1489,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -1473,6 +1512,14 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -1505,8 +1552,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
Required: false,
Optional: true,
Computed: false,
@@ -1673,8 +1720,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -1723,8 +1770,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -1796,8 +1843,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -1841,8 +1888,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -1893,8 +1940,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -2110,25 +2157,6 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
MarkdownDescription: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- MarkdownDescription: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- MarkdownDescription: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
MarkdownDescription: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
@@ -2214,6 +2242,14 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
Computed: false,
},
+ "volume_attributes_class_name": schema.StringAttribute{
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"volume_mode": schema.StringAttribute{
Description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
MarkdownDescription: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
@@ -2250,8 +2286,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.",
+ MarkdownDescription: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.",
Required: false,
Optional: true,
Computed: false,
@@ -2338,8 +2374,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2385,8 +2421,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
+ MarkdownDescription: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
Required: false,
Optional: true,
Computed: false,
@@ -2488,8 +2524,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"host_path": schema.SingleNestedAttribute{
- Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.",
- MarkdownDescription: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.",
+ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
+ MarkdownDescription: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
Attributes: map[string]schema.Attribute{
"path": schema.StringAttribute{
Description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
@@ -2533,8 +2569,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi",
Required: false,
Optional: true,
Computed: false,
@@ -2594,8 +2630,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is the CHAP Secret for iSCSI target and initiator authentication",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2760,6 +2796,101 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "sources is the list of volume projections",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
+ Description: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ MarkdownDescription: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ Attributes: map[string]schema.Attribute{
+ "label_selector": schema.SingleNestedAttribute{
+ Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ MarkdownDescription: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "key is the label key that the selector applies to.",
+ MarkdownDescription: "key is the label key that the selector applies to.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "operator": schema.StringAttribute{
+ Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ MarkdownDescription: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ MarkdownDescription: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ MarkdownDescription: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ MarkdownDescription: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ MarkdownDescription: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "Relative path from the volume root to write the bundle.",
+ MarkdownDescription: "Relative path from the volume root to write the bundle.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"config_map": schema.SingleNestedAttribute{
Description: "configMap information about the configMap data to project",
MarkdownDescription: "configMap information about the configMap data to project",
@@ -2800,8 +2931,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2830,8 +2961,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -2954,8 +3085,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -3080,8 +3211,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd",
Required: false,
Optional: true,
Computed: false,
@@ -3133,8 +3264,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -3199,8 +3330,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -3349,8 +3480,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -3496,8 +3627,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -3587,8 +3718,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -3640,8 +3771,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -3663,6 +3794,14 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -3695,8 +3834,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
Required: false,
Optional: true,
Computed: false,
@@ -3863,8 +4002,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -3913,8 +4052,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -3986,8 +4125,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -4031,8 +4170,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -4083,8 +4222,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -4300,25 +4439,6 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
MarkdownDescription: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- MarkdownDescription: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- MarkdownDescription: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
MarkdownDescription: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
@@ -4404,6 +4524,14 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
Computed: false,
},
+ "volume_attributes_class_name": schema.StringAttribute{
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"volume_mode": schema.StringAttribute{
Description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
MarkdownDescription: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
@@ -4440,8 +4568,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.",
+ MarkdownDescription: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.",
Required: false,
Optional: true,
Computed: false,
@@ -4528,8 +4656,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -4575,8 +4703,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
+ MarkdownDescription: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
Required: false,
Optional: true,
Computed: false,
@@ -4678,8 +4806,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"host_path": schema.SingleNestedAttribute{
- Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.",
- MarkdownDescription: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.",
+ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
+ MarkdownDescription: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
Attributes: map[string]schema.Attribute{
"path": schema.StringAttribute{
Description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
@@ -4723,8 +4851,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi",
Required: false,
Optional: true,
Computed: false,
@@ -4784,8 +4912,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is the CHAP Secret for iSCSI target and initiator authentication",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -4950,6 +5078,101 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "sources is the list of volume projections",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
+ Description: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ MarkdownDescription: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ Attributes: map[string]schema.Attribute{
+ "label_selector": schema.SingleNestedAttribute{
+ Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ MarkdownDescription: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "key is the label key that the selector applies to.",
+ MarkdownDescription: "key is the label key that the selector applies to.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "operator": schema.StringAttribute{
+ Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ MarkdownDescription: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ MarkdownDescription: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ MarkdownDescription: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ MarkdownDescription: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ MarkdownDescription: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "Relative path from the volume root to write the bundle.",
+ MarkdownDescription: "Relative path from the volume root to write the bundle.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"config_map": schema.SingleNestedAttribute{
Description: "configMap information about the configMap data to project",
MarkdownDescription: "configMap information about the configMap data to project",
@@ -4990,8 +5213,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -5020,8 +5243,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -5144,8 +5367,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -5270,8 +5493,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd",
Required: false,
Optional: true,
Computed: false,
@@ -5323,8 +5546,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -5389,8 +5612,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -5539,8 +5762,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -5675,8 +5898,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -5766,8 +5989,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -5819,8 +6042,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -5842,6 +6065,14 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -5874,8 +6105,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
Required: false,
Optional: true,
Computed: false,
@@ -6042,8 +6273,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -6092,8 +6323,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -6165,8 +6396,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -6210,8 +6441,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -6262,8 +6493,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -6479,25 +6710,6 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
MarkdownDescription: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- MarkdownDescription: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- MarkdownDescription: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
MarkdownDescription: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
@@ -6583,6 +6795,14 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
Computed: false,
},
+ "volume_attributes_class_name": schema.StringAttribute{
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"volume_mode": schema.StringAttribute{
Description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
MarkdownDescription: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
@@ -6619,8 +6839,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.",
+ MarkdownDescription: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.",
Required: false,
Optional: true,
Computed: false,
@@ -6707,8 +6927,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -6754,8 +6974,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
+ MarkdownDescription: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
Required: false,
Optional: true,
Computed: false,
@@ -6857,8 +7077,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"host_path": schema.SingleNestedAttribute{
- Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.",
- MarkdownDescription: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.",
+ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
+ MarkdownDescription: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
Attributes: map[string]schema.Attribute{
"path": schema.StringAttribute{
Description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
@@ -6902,8 +7122,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi",
Required: false,
Optional: true,
Computed: false,
@@ -6963,8 +7183,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is the CHAP Secret for iSCSI target and initiator authentication",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -7129,6 +7349,101 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "sources is the list of volume projections",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
+ Description: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ MarkdownDescription: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ Attributes: map[string]schema.Attribute{
+ "label_selector": schema.SingleNestedAttribute{
+ Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ MarkdownDescription: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "key is the label key that the selector applies to.",
+ MarkdownDescription: "key is the label key that the selector applies to.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "operator": schema.StringAttribute{
+ Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ MarkdownDescription: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ MarkdownDescription: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ MarkdownDescription: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ MarkdownDescription: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ MarkdownDescription: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "Relative path from the volume root to write the bundle.",
+ MarkdownDescription: "Relative path from the volume root to write the bundle.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"config_map": schema.SingleNestedAttribute{
Description: "configMap information about the configMap data to project",
MarkdownDescription: "configMap information about the configMap data to project",
@@ -7169,8 +7484,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -7199,8 +7514,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -7323,8 +7638,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -7449,8 +7764,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd",
Required: false,
Optional: true,
Computed: false,
@@ -7502,8 +7817,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -7568,8 +7883,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -7718,8 +8033,8 @@ func (r *ConfidentialcontainersOrgCcRuntimeV1Beta1Manifest) Schema(_ context.Con
MarkdownDescription: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/druid_stackable_tech_v1alpha1/druid_stackable_tech_druid_cluster_v1alpha1_manifest.go b/internal/provider/druid_stackable_tech_v1alpha1/druid_stackable_tech_druid_cluster_v1alpha1_manifest.go
index ac2f8716c..d9453dedf 100644
--- a/internal/provider/druid_stackable_tech_v1alpha1/druid_stackable_tech_druid_cluster_v1alpha1_manifest.go
+++ b/internal/provider/druid_stackable_tech_v1alpha1/druid_stackable_tech_druid_cluster_v1alpha1_manifest.go
@@ -167,9 +167,10 @@ type DruidStackableTechDruidClusterV1Alpha1ManifestData struct {
AccessStyle *string `tfsdk:"access_style" json:"accessStyle,omitempty"`
Credentials *struct {
Scope *struct {
- Node *bool `tfsdk:"node" json:"node,omitempty"`
- Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
- Services *[]string `tfsdk:"services" json:"services,omitempty"`
+ ListenerVolumes *[]string `tfsdk:"listener_volumes" json:"listenerVolumes,omitempty"`
+ Node *bool `tfsdk:"node" json:"node,omitempty"`
+ Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
+ Services *[]string `tfsdk:"services" json:"services,omitempty"`
} `tfsdk:"scope" json:"scope,omitempty"`
SecretClass *string `tfsdk:"secret_class" json:"secretClass,omitempty"`
} `tfsdk:"credentials" json:"credentials,omitempty"`
@@ -201,9 +202,10 @@ type DruidStackableTechDruidClusterV1Alpha1ManifestData struct {
AccessStyle *string `tfsdk:"access_style" json:"accessStyle,omitempty"`
Credentials *struct {
Scope *struct {
- Node *bool `tfsdk:"node" json:"node,omitempty"`
- Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
- Services *[]string `tfsdk:"services" json:"services,omitempty"`
+ ListenerVolumes *[]string `tfsdk:"listener_volumes" json:"listenerVolumes,omitempty"`
+ Node *bool `tfsdk:"node" json:"node,omitempty"`
+ Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
+ Services *[]string `tfsdk:"services" json:"services,omitempty"`
} `tfsdk:"scope" json:"scope,omitempty"`
SecretClass *string `tfsdk:"secret_class" json:"secretClass,omitempty"`
} `tfsdk:"credentials" json:"credentials,omitempty"`
@@ -745,8 +747,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -763,8 +765,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -772,8 +774,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -1056,8 +1058,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -1074,8 +1076,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -1083,8 +1085,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -1345,16 +1347,16 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"authentication_class": schema.StringAttribute{
- Description: "A name/key which references an authentication class. To get the concrete ['AuthenticationClass'], we must resolve it. This resolution can be achieved by using ['ClientAuthenticationDetails::resolve_class'].",
- MarkdownDescription: "A name/key which references an authentication class. To get the concrete ['AuthenticationClass'], we must resolve it. This resolution can be achieved by using ['ClientAuthenticationDetails::resolve_class'].",
+ Description: "Name of the [AuthenticationClass](https://docs.stackable.tech/home/nightly/concepts/authentication) used to authenticate users.",
+ MarkdownDescription: "Name of the [AuthenticationClass](https://docs.stackable.tech/home/nightly/concepts/authentication) used to authenticate users.",
Required: true,
Optional: false,
Computed: false,
},
"oidc": schema.SingleNestedAttribute{
- Description: "This field contains authentication provider specific configuration. Use ['ClientAuthenticationDetails::oidc_or_error'] to get the value or report an error to the user.",
- MarkdownDescription: "This field contains authentication provider specific configuration. Use ['ClientAuthenticationDetails::oidc_or_error'] to get the value or report an error to the user.",
+ Description: "This field contains OIDC-specific configuration. It is only required in case OIDC is used.",
+ MarkdownDescription: "This field contains OIDC-specific configuration. It is only required in case OIDC is used.",
Attributes: map[string]schema.Attribute{
"client_credentials_secret": schema.StringAttribute{
Description: "A reference to the OIDC client credentials secret. The secret contains the client id and secret.",
@@ -1464,14 +1466,14 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "The S3 bucket to use for deep storage. Can either be defined inline or as a reference, read the [S3 bucket docs](https://docs.stackable.tech/home/nightly/concepts/s3) to learn more.",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "An inline definition, containing the S3 bucket properties.",
- MarkdownDescription: "An inline definition, containing the S3 bucket properties.",
+ Description: "S3 bucket specification containing the bucket name and an inlined or referenced connection specification. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 bucket specification containing the bucket name and an inlined or referenced connection specification. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"bucket_name": schema.StringAttribute{
Description: "The name of the S3 bucket.",
MarkdownDescription: "The name of the S3 bucket.",
- Required: false,
- Optional: true,
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -1480,8 +1482,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "The definition of an S3 connection, either inline or as a reference.",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "Inline definition of an S3 connection.",
- MarkdownDescription: "Inline definition of an S3 connection.",
+ Description: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"access_style": schema.StringAttribute{
Description: "Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).",
@@ -1502,6 +1504,15 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
MarkdownDescription: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
Attributes: map[string]schema.Attribute{
+ "listener_volumes": schema.ListAttribute{
+ Description: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ MarkdownDescription: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"node": schema.BoolAttribute{
Description: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
MarkdownDescription: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
@@ -1546,10 +1557,10 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
},
"host": schema.StringAttribute{
- Description: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- MarkdownDescription: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- Required: false,
- Optional: true,
+ Description: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ MarkdownDescription: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -1565,8 +1576,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
},
"tls": schema.SingleNestedAttribute{
- Description: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
- MarkdownDescription: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
+ Description: "Use a TLS connection. If not specified no TLS will be used.",
+ MarkdownDescription: "Use a TLS connection. If not specified no TLS will be used.",
Attributes: map[string]schema.Attribute{
"verification": schema.SingleNestedAttribute{
Description: "The verification method used to verify the certificates of the server and/or the client.",
@@ -1632,15 +1643,15 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3Connection resource.",
- MarkdownDescription: "A reference to an S3Connection resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
},
},
- Required: false,
- Optional: true,
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -1650,8 +1661,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3 bucket object. This is simply the name of the 'S3Bucket' resource.",
- MarkdownDescription: "A reference to an S3 bucket object. This is simply the name of the 'S3Bucket' resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
@@ -1690,8 +1701,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "Druid supports ingesting data from S3 buckets where the bucket name is specified in the ingestion task. However, the S3 connection has to be specified in advance and only a single S3 connection is supported. S3 connections can either be specified 'inline' or as a 'reference'. Read the [S3 resource concept docs](https://docs.stackable.tech/home/nightly/concepts/s3) to learn more.",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "Inline definition of an S3 connection.",
- MarkdownDescription: "Inline definition of an S3 connection.",
+ Description: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"access_style": schema.StringAttribute{
Description: "Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).",
@@ -1712,6 +1723,15 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
MarkdownDescription: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
Attributes: map[string]schema.Attribute{
+ "listener_volumes": schema.ListAttribute{
+ Description: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ MarkdownDescription: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"node": schema.BoolAttribute{
Description: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
MarkdownDescription: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
@@ -1756,10 +1776,10 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
},
"host": schema.StringAttribute{
- Description: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- MarkdownDescription: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- Required: false,
- Optional: true,
+ Description: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ MarkdownDescription: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -1775,8 +1795,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
},
"tls": schema.SingleNestedAttribute{
- Description: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
- MarkdownDescription: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
+ Description: "Use a TLS connection. If not specified no TLS will be used.",
+ MarkdownDescription: "Use a TLS connection. If not specified no TLS will be used.",
Attributes: map[string]schema.Attribute{
"verification": schema.SingleNestedAttribute{
Description: "The verification method used to verify the certificates of the server and/or the client.",
@@ -1842,8 +1862,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3Connection resource.",
- MarkdownDescription: "A reference to an S3Connection resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
@@ -2013,8 +2033,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -2031,8 +2051,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -2040,8 +2060,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -2324,8 +2344,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -2342,8 +2362,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -2351,8 +2371,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -2619,8 +2639,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -2637,8 +2657,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -2646,8 +2666,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -2975,8 +2995,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -2993,8 +3013,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -3002,8 +3022,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -3327,10 +3347,10 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- Required: false,
- Optional: true,
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -3386,8 +3406,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -3404,8 +3424,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -3413,8 +3433,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -3697,8 +3717,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -3715,8 +3735,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -3724,8 +3744,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -3992,8 +4012,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -4010,8 +4030,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -4019,8 +4039,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -4303,8 +4323,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -4321,8 +4341,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -4330,8 +4350,8 @@ func (r *DruidStackableTechDruidClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
diff --git a/internal/provider/eks_services_k8s_aws_v1alpha1/eks_services_k8s_aws_addon_v1alpha1_manifest.go b/internal/provider/eks_services_k8s_aws_v1alpha1/eks_services_k8s_aws_addon_v1alpha1_manifest.go
index 2c6baba6e..29536a604 100644
--- a/internal/provider/eks_services_k8s_aws_v1alpha1/eks_services_k8s_aws_addon_v1alpha1_manifest.go
+++ b/internal/provider/eks_services_k8s_aws_v1alpha1/eks_services_k8s_aws_addon_v1alpha1_manifest.go
@@ -52,8 +52,12 @@ type EksServicesK8SAwsAddonV1Alpha1ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"from" json:"from,omitempty"`
} `tfsdk:"cluster_ref" json:"clusterRef,omitempty"`
- ConfigurationValues *string `tfsdk:"configuration_values" json:"configurationValues,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ ConfigurationValues *string `tfsdk:"configuration_values" json:"configurationValues,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ PodIdentityAssociations *[]struct {
+ RoleARN *string `tfsdk:"role_arn" json:"roleARN,omitempty"`
+ ServiceAccount *string `tfsdk:"service_account" json:"serviceAccount,omitempty"`
+ } `tfsdk:"pod_identity_associations" json:"podIdentityAssociations,omitempty"`
ResolveConflicts *string `tfsdk:"resolve_conflicts" json:"resolveConflicts,omitempty"`
ServiceAccountRoleARN *string `tfsdk:"service_account_role_arn" json:"serviceAccountRoleARN,omitempty"`
ServiceAccountRoleRef *struct {
@@ -217,6 +221,33 @@ func (r *EksServicesK8SAwsAddonV1Alpha1Manifest) Schema(_ context.Context, _ dat
Computed: false,
},
+ "pod_identity_associations": schema.ListNestedAttribute{
+ Description: "An array of Pod Identity Assocations to be created. Each EKS Pod Identity association maps a Kubernetes service account to an IAM Role. For more information, see Attach an IAM Role to an Amazon EKS add-on using Pod Identity (https://docs.aws.amazon.com/eks/latest/userguide/add-ons-iam.html) in the EKS User Guide.",
+ MarkdownDescription: "An array of Pod Identity Assocations to be created. Each EKS Pod Identity association maps a Kubernetes service account to an IAM Role. For more information, see Attach an IAM Role to an Amazon EKS add-on using Pod Identity (https://docs.aws.amazon.com/eks/latest/userguide/add-ons-iam.html) in the EKS User Guide.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "role_arn": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "service_account": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"resolve_conflicts": schema.StringAttribute{
Description: "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose: * None – If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail. * Overwrite – If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value. * Preserve – This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see UpdateAddon (https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html). If you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.",
MarkdownDescription: "How to resolve field value conflicts for an Amazon EKS add-on. Conflicts are handled based on the value you choose: * None – If the self-managed version of the add-on is installed on your cluster, Amazon EKS doesn't change the value. Creation of the add-on might fail. * Overwrite – If the self-managed version of the add-on is installed on your cluster and the Amazon EKS default value is different than the existing value, Amazon EKS changes the value to the Amazon EKS default value. * Preserve – This is similar to the NONE option. If the self-managed version of the add-on is installed on your cluster Amazon EKS doesn't change the add-on resource properties. Creation of the add-on might fail if conflicts are detected. This option works differently during the update operation. For more information, see UpdateAddon (https://docs.aws.amazon.com/eks/latest/APIReference/API_UpdateAddon.html). If you don't currently have the self-managed version of the add-on installed on your cluster, the Amazon EKS add-on is installed. Amazon EKS sets all values to default values, regardless of the option that you specify.",
diff --git a/internal/provider/eks_services_k8s_aws_v1alpha1/eks_services_k8s_aws_nodegroup_v1alpha1_manifest.go b/internal/provider/eks_services_k8s_aws_v1alpha1/eks_services_k8s_aws_nodegroup_v1alpha1_manifest.go
index 6bf93e1f8..7dcebf98b 100644
--- a/internal/provider/eks_services_k8s_aws_v1alpha1/eks_services_k8s_aws_nodegroup_v1alpha1_manifest.go
+++ b/internal/provider/eks_services_k8s_aws_v1alpha1/eks_services_k8s_aws_nodegroup_v1alpha1_manifest.go
@@ -184,8 +184,8 @@ func (r *EksServicesK8SAwsNodegroupV1Alpha1Manifest) Schema(_ context.Context, _
MarkdownDescription: "NodegroupSpec defines the desired state of Nodegroup. An object representing an Amazon EKS managed node group.",
Attributes: map[string]schema.Attribute{
"ami_type": schema.StringAttribute{
- Description: "The AMI type for your node group. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify amiType, or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add eks:kube-proxy-windows to your Windows nodes rolearn in the aws-auth ConfigMap. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
- MarkdownDescription: "The AMI type for your node group. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify amiType, or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add eks:kube-proxy-windows to your Windows nodes rolearn in the aws-auth ConfigMap. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ Description: "The AMI type for your node group. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify amiType, or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add eks:kube-proxy-windows to your Windows nodes rolearn in the aws-auth ConfigMap. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ MarkdownDescription: "The AMI type for your node group. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify amiType, or the node group deployment will fail. If your launch template uses a Windows custom AMI, then add eks:kube-proxy-windows to your Windows nodes rolearn in the aws-auth ConfigMap. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
Required: false,
Optional: true,
Computed: false,
@@ -250,16 +250,16 @@ func (r *EksServicesK8SAwsNodegroupV1Alpha1Manifest) Schema(_ context.Context, _
},
"disk_size": schema.Int64Attribute{
- Description: "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify launchTemplate, then don't specify diskSize, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
- MarkdownDescription: "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify launchTemplate, then don't specify diskSize, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ Description: "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify launchTemplate, then don't specify diskSize, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ MarkdownDescription: "The root device disk size (in GiB) for your node group instances. The default disk size is 20 GiB for Linux and Bottlerocket. The default disk size is 50 GiB for Windows. If you specify launchTemplate, then don't specify diskSize, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
Required: false,
Optional: true,
Computed: false,
},
"instance_types": schema.ListAttribute{
- Description: "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the amiType parameter. If you specify launchTemplate, then you can specify zero or one instance type in your launch template or you can specify 0-20 instance types for instanceTypes. If however, you specify an instance type in your launch template and specify any instanceTypes, the node group deployment will fail. If you don't specify an instance type in a launch template or for instanceTypes, then t3.medium is used, by default. If you specify Spot for capacityType, then we recommend specifying multiple values for instanceTypes. For more information, see Managed node group capacity types (https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
- MarkdownDescription: "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the amiType parameter. If you specify launchTemplate, then you can specify zero or one instance type in your launch template or you can specify 0-20 instance types for instanceTypes. If however, you specify an instance type in your launch template and specify any instanceTypes, the node group deployment will fail. If you don't specify an instance type in a launch template or for instanceTypes, then t3.medium is used, by default. If you specify Spot for capacityType, then we recommend specifying multiple values for instanceTypes. For more information, see Managed node group capacity types (https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ Description: "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the amiType parameter. If you specify launchTemplate, then you can specify zero or one instance type in your launch template or you can specify 0-20 instance types for instanceTypes. If however, you specify an instance type in your launch template and specify any instanceTypes, the node group deployment will fail. If you don't specify an instance type in a launch template or for instanceTypes, then t3.medium is used, by default. If you specify Spot for capacityType, then we recommend specifying multiple values for instanceTypes. For more information, see Managed node group capacity types (https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ MarkdownDescription: "Specify the instance types for a node group. If you specify a GPU instance type, make sure to also specify an applicable GPU AMI type with the amiType parameter. If you specify launchTemplate, then you can specify zero or one instance type in your launch template or you can specify 0-20 instance types for instanceTypes. If however, you specify an instance type in your launch template and specify any instanceTypes, the node group deployment will fail. If you don't specify an instance type in a launch template or for instanceTypes, then t3.medium is used, by default. If you specify Spot for capacityType, then we recommend specifying multiple values for instanceTypes. For more information, see Managed node group capacity types (https://docs.aws.amazon.com/eks/latest/userguide/managed-node-groups.html#managed-node-group-capacity-types) and Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -276,8 +276,8 @@ func (r *EksServicesK8SAwsNodegroupV1Alpha1Manifest) Schema(_ context.Context, _
},
"launch_template": schema.SingleNestedAttribute{
- Description: "An object representing a node group's launch template specification. If specified, then do not specify instanceTypes, diskSize, or remoteAccess and make sure that the launch template meets the requirements in launchTemplateSpecification.",
- MarkdownDescription: "An object representing a node group's launch template specification. If specified, then do not specify instanceTypes, diskSize, or remoteAccess and make sure that the launch template meets the requirements in launchTemplateSpecification.",
+ Description: "An object representing a node group's launch template specification. When using this object, don't directly specify instanceTypes, diskSize, or remoteAccess. Make sure that the launch template meets the requirements in launchTemplateSpecification. Also refer to Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ MarkdownDescription: "An object representing a node group's launch template specification. When using this object, don't directly specify instanceTypes, diskSize, or remoteAccess. Make sure that the launch template meets the requirements in launchTemplateSpecification. Also refer to Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
Attributes: map[string]schema.Attribute{
"id": schema.StringAttribute{
Description: "",
@@ -317,8 +317,8 @@ func (r *EksServicesK8SAwsNodegroupV1Alpha1Manifest) Schema(_ context.Context, _
},
"node_role": schema.StringAttribute{
- Description: "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node kubelet daemon makes calls to Amazon Web Services APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see Amazon EKS node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the Amazon EKS User Guide . If you specify launchTemplate, then don't specify IamInstanceProfile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
- MarkdownDescription: "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node kubelet daemon makes calls to Amazon Web Services APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see Amazon EKS node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the Amazon EKS User Guide . If you specify launchTemplate, then don't specify IamInstanceProfile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ Description: "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node kubelet daemon makes calls to Amazon Web Services APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see Amazon EKS node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the Amazon EKS User Guide . If you specify launchTemplate, then don't specify IamInstanceProfile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ MarkdownDescription: "The Amazon Resource Name (ARN) of the IAM role to associate with your node group. The Amazon EKS worker node kubelet daemon makes calls to Amazon Web Services APIs on your behalf. Nodes receive permissions for these API calls through an IAM instance profile and associated policies. Before you can launch nodes and register them into a cluster, you must create an IAM role for those nodes to use when they are launched. For more information, see Amazon EKS node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html) in the Amazon EKS User Guide . If you specify launchTemplate, then don't specify IamInstanceProfile (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_IamInstanceProfile.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
Required: false,
Optional: true,
Computed: false,
@@ -359,16 +359,16 @@ func (r *EksServicesK8SAwsNodegroupV1Alpha1Manifest) Schema(_ context.Context, _
},
"release_version": schema.StringAttribute{
- Description: "The AMI version of the Amazon EKS optimized AMI to use with your node group. By default, the latest available AMI version for the node group's current Kubernetes version is used. For information about Linux versions, see Amazon EKS optimized Amazon Linux AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the Amazon EKS User Guide. Amazon EKS managed node groups support the November 2022 and later releases of the Windows AMIs. For information about Windows versions, see Amazon EKS optimized Windows AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-ami-versions-windows.html) in the Amazon EKS User Guide. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
- MarkdownDescription: "The AMI version of the Amazon EKS optimized AMI to use with your node group. By default, the latest available AMI version for the node group's current Kubernetes version is used. For information about Linux versions, see Amazon EKS optimized Amazon Linux AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the Amazon EKS User Guide. Amazon EKS managed node groups support the November 2022 and later releases of the Windows AMIs. For information about Windows versions, see Amazon EKS optimized Windows AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-ami-versions-windows.html) in the Amazon EKS User Guide. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ Description: "The AMI version of the Amazon EKS optimized AMI to use with your node group. By default, the latest available AMI version for the node group's current Kubernetes version is used. For information about Linux versions, see Amazon EKS optimized Amazon Linux AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the Amazon EKS User Guide. Amazon EKS managed node groups support the November 2022 and later releases of the Windows AMIs. For information about Windows versions, see Amazon EKS optimized Windows AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-ami-versions-windows.html) in the Amazon EKS User Guide. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ MarkdownDescription: "The AMI version of the Amazon EKS optimized AMI to use with your node group. By default, the latest available AMI version for the node group's current Kubernetes version is used. For information about Linux versions, see Amazon EKS optimized Amazon Linux AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html) in the Amazon EKS User Guide. Amazon EKS managed node groups support the November 2022 and later releases of the Windows AMIs. For information about Windows versions, see Amazon EKS optimized Windows AMI versions (https://docs.aws.amazon.com/eks/latest/userguide/eks-ami-versions-windows.html) in the Amazon EKS User Guide. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify releaseVersion, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
Required: false,
Optional: true,
Computed: false,
},
"remote_access": schema.SingleNestedAttribute{
- Description: "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify launchTemplate, then don't specify remoteAccess, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
- MarkdownDescription: "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify launchTemplate, then don't specify remoteAccess, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ Description: "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify launchTemplate, then don't specify remoteAccess, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ MarkdownDescription: "The remote access configuration to use with your node group. For Linux, the protocol is SSH. For Windows, the protocol is RDP. If you specify launchTemplate, then don't specify remoteAccess, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
Attributes: map[string]schema.Attribute{
"ec2_ssh_key": schema.StringAttribute{
Description: "",
@@ -498,8 +498,8 @@ func (r *EksServicesK8SAwsNodegroupV1Alpha1Manifest) Schema(_ context.Context, _
},
"subnets": schema.ListAttribute{
- Description: "The subnets to use for the Auto Scaling group that is created for your node group. If you specify launchTemplate, then don't specify SubnetId (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
- MarkdownDescription: "The subnets to use for the Auto Scaling group that is created for your node group. If you specify launchTemplate, then don't specify SubnetId (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ Description: "The subnets to use for the Auto Scaling group that is created for your node group. If you specify launchTemplate, then don't specify SubnetId (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ MarkdownDescription: "The subnets to use for the Auto Scaling group that is created for your node group. If you specify launchTemplate, then don't specify SubnetId (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html) in your launch template, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -576,8 +576,8 @@ func (r *EksServicesK8SAwsNodegroupV1Alpha1Manifest) Schema(_ context.Context, _
},
"version": schema.StringAttribute{
- Description: "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
- MarkdownDescription: "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Launch template support (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ Description: "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
+ MarkdownDescription: "The Kubernetes version to use for your managed nodes. By default, the Kubernetes version of the cluster is used, and this is the only accepted specified value. If you specify launchTemplate, and your launch template uses a custom AMI, then don't specify version, or the node group deployment will fail. For more information about using launch templates with Amazon EKS, see Customizing managed nodes with launch templates (https://docs.aws.amazon.com/eks/latest/userguide/launch-templates.html) in the Amazon EKS User Guide.",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/enterprise_gloo_solo_io_v1/enterprise_gloo_solo_io_auth_config_v1_manifest.go b/internal/provider/enterprise_gloo_solo_io_v1/enterprise_gloo_solo_io_auth_config_v1_manifest.go
index e3edd1ba4..1e04a5d10 100644
--- a/internal/provider/enterprise_gloo_solo_io_v1/enterprise_gloo_solo_io_auth_config_v1_manifest.go
+++ b/internal/provider/enterprise_gloo_solo_io_v1/enterprise_gloo_solo_io_auth_config_v1_manifest.go
@@ -99,7 +99,8 @@ type EnterpriseGlooSoloIoAuthConfigV1ManifestData struct {
} `tfsdk:"api_key_secret_refs" json:"apiKeySecretRefs,omitempty"`
LabelSelector *map[string]string `tfsdk:"label_selector" json:"labelSelector,omitempty"`
} `tfsdk:"k8s_secret_apikey_storage" json:"k8sSecretApikeyStorage,omitempty"`
- LabelSelector *map[string]string `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ LabelSelector *map[string]string `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ SkipMetadataValidation *bool `tfsdk:"skip_metadata_validation" json:"skipMetadataValidation,omitempty"`
} `tfsdk:"api_key_auth" json:"apiKeyAuth,omitempty"`
BasicAuth *struct {
Apr *struct {
@@ -961,6 +962,14 @@ func (r *EnterpriseGlooSoloIoAuthConfigV1Manifest) Schema(_ context.Context, _ d
Optional: true,
Computed: false,
},
+
+ "skip_metadata_validation": schema.BoolAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
Required: false,
Optional: true,
diff --git a/internal/provider/fluentbit_fluent_io_v1alpha2/fluentbit_fluent_io_cluster_output_v1alpha2_manifest.go b/internal/provider/fluentbit_fluent_io_v1alpha2/fluentbit_fluent_io_cluster_output_v1alpha2_manifest.go
index ed7d81390..92b5e53b4 100644
--- a/internal/provider/fluentbit_fluent_io_v1alpha2/fluentbit_fluent_io_cluster_output_v1alpha2_manifest.go
+++ b/internal/provider/fluentbit_fluent_io_v1alpha2/fluentbit_fluent_io_cluster_output_v1alpha2_manifest.go
@@ -4303,8 +4303,8 @@ func (r *FluentbitFluentIoClusterOutputV1Alpha2Manifest) Schema(_ context.Contex
Optional: true,
Computed: false,
Validators: []validator.Int64{
- int64validator.AtLeast(0),
- int64validator.AtMost(65536),
+ int64validator.AtLeast(1),
+ int64validator.AtMost(65535),
},
},
diff --git a/internal/provider/fluentbit_fluent_io_v1alpha2/fluentbit_fluent_io_output_v1alpha2_manifest.go b/internal/provider/fluentbit_fluent_io_v1alpha2/fluentbit_fluent_io_output_v1alpha2_manifest.go
index d7579ea7f..e68df64b3 100644
--- a/internal/provider/fluentbit_fluent_io_v1alpha2/fluentbit_fluent_io_output_v1alpha2_manifest.go
+++ b/internal/provider/fluentbit_fluent_io_v1alpha2/fluentbit_fluent_io_output_v1alpha2_manifest.go
@@ -4316,8 +4316,8 @@ func (r *FluentbitFluentIoOutputV1Alpha2Manifest) Schema(_ context.Context, _ da
Optional: true,
Computed: false,
Validators: []validator.Int64{
- int64validator.AtLeast(0),
- int64validator.AtMost(65536),
+ int64validator.AtLeast(1),
+ int64validator.AtMost(65535),
},
},
diff --git a/internal/provider/gateway_nginx_org_v1alpha1/gateway_nginx_org_nginx_proxy_v1alpha1_manifest.go b/internal/provider/gateway_nginx_org_v1alpha1/gateway_nginx_org_nginx_proxy_v1alpha1_manifest.go
index 71ab66758..4fb1870a0 100644
--- a/internal/provider/gateway_nginx_org_v1alpha1/gateway_nginx_org_nginx_proxy_v1alpha1_manifest.go
+++ b/internal/provider/gateway_nginx_org_v1alpha1/gateway_nginx_org_nginx_proxy_v1alpha1_manifest.go
@@ -183,21 +183,21 @@ func (r *GatewayNginxOrgNginxProxyV1Alpha1Manifest) Schema(_ context.Context, _
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"type": schema.StringAttribute{
- Description: "Type specifies the type of address. Default is 'cidr' which specifies that the address is a CIDR block.",
- MarkdownDescription: "Type specifies the type of address. Default is 'cidr' which specifies that the address is a CIDR block.",
- Required: false,
- Optional: true,
+ Description: "Type specifies the type of address.",
+ MarkdownDescription: "Type specifies the type of address.",
+ Required: true,
+ Optional: false,
Computed: false,
Validators: []validator.String{
- stringvalidator.OneOf("cidr"),
+ stringvalidator.OneOf("CIDR", "IPAddress", "Hostname"),
},
},
"value": schema.StringAttribute{
Description: "Value specifies the address value.",
MarkdownDescription: "Value specifies the address value.",
- Required: false,
- Optional: true,
+ Required: true,
+ Optional: false,
Computed: false,
},
},
diff --git a/internal/provider/gloo_solo_io_v1/gloo_solo_io_settings_v1_manifest.go b/internal/provider/gloo_solo_io_v1/gloo_solo_io_settings_v1_manifest.go
index 5b9491d38..deb346297 100644
--- a/internal/provider/gloo_solo_io_v1/gloo_solo_io_settings_v1_manifest.go
+++ b/internal/provider/gloo_solo_io_v1/gloo_solo_io_settings_v1_manifest.go
@@ -509,6 +509,14 @@ type GlooSoloIoSettingsV1ManifestData struct {
TlsServerName *string `tfsdk:"tls_server_name" json:"tlsServerName,omitempty"`
Token *string `tfsdk:"token" json:"token,omitempty"`
} `tfsdk:"vault_secret_source" json:"vaultSecretSource,omitempty"`
+ WatchNamespaceSelectors *[]struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"watch_namespace_selectors" json:"watchNamespaceSelectors,omitempty"`
WatchNamespaces *[]string `tfsdk:"watch_namespaces" json:"watchNamespaces,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
}
@@ -3789,6 +3797,62 @@ func (r *GlooSoloIoSettingsV1Manifest) Schema(_ context.Context, _ datasource.Sc
Computed: false,
},
+ "watch_namespace_selectors": schema.ListNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "operator": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"watch_namespaces": schema.ListAttribute{
Description: "",
MarkdownDescription: "",
diff --git a/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_dashboard_v1beta1_manifest.go b/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_dashboard_v1beta1_manifest.go
index 153639b5c..4d556a2c9 100644
--- a/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_dashboard_v1beta1_manifest.go
+++ b/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_dashboard_v1beta1_manifest.go
@@ -227,8 +227,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaDashboardV1Beta1Manifest) Schema(_ context.
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -300,8 +300,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaDashboardV1Beta1Manifest) Schema(_ context.
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -333,8 +333,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaDashboardV1Beta1Manifest) Schema(_ context.
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -397,8 +397,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaDashboardV1Beta1Manifest) Schema(_ context.
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -430,8 +430,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaDashboardV1Beta1Manifest) Schema(_ context.
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -695,8 +695,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaDashboardV1Beta1Manifest) Schema(_ context.
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -728,8 +728,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaDashboardV1Beta1Manifest) Schema(_ context.
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_datasource_v1beta1_manifest.go b/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_datasource_v1beta1_manifest.go
index bd0909e6e..bb29191c5 100644
--- a/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_datasource_v1beta1_manifest.go
+++ b/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_datasource_v1beta1_manifest.go
@@ -422,8 +422,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaDatasourceV1Beta1Manifest) Schema(_ context
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -455,8 +455,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaDatasourceV1Beta1Manifest) Schema(_ context
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_v1beta1_manifest.go b/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_v1beta1_manifest.go
index 241bbdc61..f5afa5eb7 100644
--- a/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_v1beta1_manifest.go
+++ b/internal/provider/grafana_integreatly_org_v1beta1/grafana_integreatly_org_grafana_v1beta1_manifest.go
@@ -372,7 +372,8 @@ type GrafanaIntegreatlyOrgGrafanaV1Beta1ManifestData struct {
} `tfsdk:"resize_policy" json:"resizePolicy,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -629,7 +630,8 @@ type GrafanaIntegreatlyOrgGrafanaV1Beta1ManifestData struct {
} `tfsdk:"resize_policy" json:"resizePolicy,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -889,7 +891,8 @@ type GrafanaIntegreatlyOrgGrafanaV1Beta1ManifestData struct {
} `tfsdk:"resize_policy" json:"resizePolicy,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -1012,8 +1015,9 @@ type GrafanaIntegreatlyOrgGrafanaV1Beta1ManifestData struct {
LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
- SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
- Sysctls *[]struct {
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ SupplementalGroupsPolicy *string `tfsdk:"supplemental_groups_policy" json:"supplementalGroupsPolicy,omitempty"`
+ Sysctls *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"sysctls" json:"sysctls,omitempty"`
@@ -1206,6 +1210,10 @@ type GrafanaIntegreatlyOrgGrafanaV1Beta1ManifestData struct {
Path *string `tfsdk:"path" json:"path,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"host_path" json:"hostPath,omitempty"`
+ Image *struct {
+ PullPolicy *string `tfsdk:"pull_policy" json:"pullPolicy,omitempty"`
+ Reference *string `tfsdk:"reference" json:"reference,omitempty"`
+ } `tfsdk:"image" json:"image,omitempty"`
Iscsi *struct {
ChapAuthDiscovery *bool `tfsdk:"chap_auth_discovery" json:"chapAuthDiscovery,omitempty"`
ChapAuthSession *bool `tfsdk:"chap_auth_session" json:"chapAuthSession,omitempty"`
@@ -1465,7 +1473,8 @@ type GrafanaIntegreatlyOrgGrafanaV1Beta1ManifestData struct {
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -1825,8 +1834,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "DeploymentStrategy describes how to replace existing pods with new ones.",
Attributes: map[string]schema.Attribute{
"rolling_update": schema.SingleNestedAttribute{
- Description: "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. --- TODO: Update this to follow our convention for oneOf, whatever we decide it to be.",
- MarkdownDescription: "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate. --- TODO: Update this to follow our convention for oneOf, whatever we decide it to be.",
+ Description: "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.",
+ MarkdownDescription: "Rolling update config params. Present only if DeploymentStrategyType = RollingUpdate.",
Attributes: map[string]schema.Attribute{
"max_surge": schema.StringAttribute{
Description: "The maximum number of pods that can be scheduled above the desired number of pods. Value can be an absolute number (ex: 5) or a percentage of desired pods (ex: 10%). This can not be 0 if MaxUnavailable is 0. Absolute number is calculated from percentage by rounding up. Defaults to 25%. Example: when this is set to 30%, the new ReplicaSet can be scaled up immediately when the rolling update starts, such that the total number of old and new pods do not exceed 130% of desired pods. Once old pods have been killed, new ReplicaSet can be scaled up further, ensuring that total number of pods running at any time during the update is at most 130% of desired pods.",
@@ -2178,8 +2187,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2187,8 +2196,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2345,8 +2354,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2354,8 +2363,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2512,8 +2521,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2521,8 +2530,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2679,8 +2688,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2688,8 +2697,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2852,8 +2861,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2943,8 +2952,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2984,8 +2993,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -3017,8 +3026,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -3830,6 +3839,14 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -3941,8 +3958,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"proc_mount": schema.StringAttribute{
- Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
- MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
Required: false,
Optional: true,
Computed: false,
@@ -4564,8 +4581,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -4655,8 +4672,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -4696,8 +4713,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -4729,8 +4746,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -5542,6 +5559,14 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -5653,8 +5678,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"proc_mount": schema.StringAttribute{
- Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
- MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
Required: false,
Optional: true,
Computed: false,
@@ -6227,8 +6252,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -6301,8 +6326,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -6392,8 +6417,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -6433,8 +6458,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -6466,8 +6491,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -7279,6 +7304,14 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -7390,8 +7423,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"proc_mount": schema.StringAttribute{
- Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
- MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
Required: false,
Optional: true,
Computed: false,
@@ -8128,14 +8161,22 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"supplemental_groups": schema.ListAttribute{
- Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
- MarkdownDescription: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.",
ElementType: types.StringType,
Required: false,
Optional: true,
Computed: false,
},
+ "supplemental_groups_policy": schema.StringAttribute{
+ Description: "Defines how supplemental groups of the first container processes are calculated. Valid values are 'Merge' and 'Strict'. If not specified, 'Merge' is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "Defines how supplemental groups of the first container processes are calculated. Valid values are 'Merge' and 'Strict'. If not specified, 'Merge' is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sysctls": schema.ListNestedAttribute{
Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
@@ -8440,8 +8481,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "awsElasticBlockStore represents an AWS Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#awselasticblockstore",
Required: false,
Optional: true,
Computed: false,
@@ -8608,8 +8649,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -8658,8 +8699,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -8731,8 +8772,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -8776,8 +8817,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -9131,8 +9172,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"volume_attributes_class_name": schema.StringAttribute{
- Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
- MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
Required: false,
Optional: true,
Computed: false,
@@ -9174,8 +9215,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "fc represents a Fibre Channel resource that is attached to a kubelet's host machine and then exposed to the pod.",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.",
+ MarkdownDescription: "fsType is the filesystem type to mount. Must be a filesystem type supported by the host operating system. Ex. 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified.",
Required: false,
Optional: true,
Computed: false,
@@ -9262,8 +9303,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -9309,8 +9350,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "gcePersistentDisk represents a GCE Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
+ MarkdownDescription: "fsType is filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#gcepersistentdisk",
Required: false,
Optional: true,
Computed: false,
@@ -9412,8 +9453,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"host_path": schema.SingleNestedAttribute{
- Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.",
- MarkdownDescription: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath --- TODO(jonesdl) We need to restrict who can use host directory mounts and who can/can not mount host directories as read/write.",
+ Description: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
+ MarkdownDescription: "hostPath represents a pre-existing file or directory on the host machine that is directly exposed to the container. This is generally used for system agents or other privileged things that are allowed to see the host machine. Most containers will NOT need this. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
Attributes: map[string]schema.Attribute{
"path": schema.StringAttribute{
Description: "path of the directory on the host. If the path is a symlink, it will follow the link to the real path. More info: https://kubernetes.io/docs/concepts/storage/volumes#hostpath",
@@ -9436,6 +9477,31 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
Computed: false,
},
+ "image": schema.SingleNestedAttribute{
+ Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided: - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.",
+ MarkdownDescription: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided: - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.",
+ Attributes: map[string]schema.Attribute{
+ "pull_policy": schema.StringAttribute{
+ Description: "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.",
+ MarkdownDescription: "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "reference": schema.StringAttribute{
+ Description: "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.",
+ MarkdownDescription: "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"iscsi": schema.SingleNestedAttribute{
Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md",
MarkdownDescription: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md",
@@ -9457,8 +9523,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#iscsi",
Required: false,
Optional: true,
Computed: false,
@@ -9518,8 +9584,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "secretRef is the CHAP Secret for iSCSI target and initiator authentication",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -9680,8 +9746,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"sources": schema.ListNestedAttribute{
- Description: "sources is the list of volume projections",
- MarkdownDescription: "sources is the list of volume projections",
+ Description: "sources is the list of volume projections. Each entry in this list handles one source.",
+ MarkdownDescription: "sources is the list of volume projections. Each entry in this list handles one source.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"cluster_trust_bundle": schema.SingleNestedAttribute{
@@ -9819,8 +9885,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -9973,8 +10039,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -10099,8 +10165,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "rbd represents a Rados Block Device mount on the host that shares a pod's lifetime. More info: https://examples.k8s.io/volumes/rbd/README.md",
Attributes: map[string]schema.Attribute{
"fs_type": schema.StringAttribute{
- Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine",
- MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd TODO: how do we prevent errors in the filesystem from compromising the machine",
+ Description: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd",
+ MarkdownDescription: "fsType is the filesystem type of the volume that you want to mount. Tip: Ensure that the filesystem type is supported by the host operating system. Examples: 'ext4', 'xfs', 'ntfs'. Implicitly inferred to be 'ext4' if unspecified. More info: https://kubernetes.io/docs/concepts/storage/volumes#rbd",
Required: false,
Optional: true,
Computed: false,
@@ -10152,8 +10218,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -10218,8 +10284,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -10368,8 +10434,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
MarkdownDescription: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -10485,8 +10551,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -10518,8 +10584,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -10551,8 +10617,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -11119,6 +11185,14 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -11762,8 +11836,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -11816,8 +11890,8 @@ func (r *GrafanaIntegreatlyOrgGrafanaV1Beta1Manifest) Schema(_ context.Context,
},
"field_path": schema.StringAttribute{
- Description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
- MarkdownDescription: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
+ Description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.",
+ MarkdownDescription: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/hive_openshift_io_v1/hive_openshift_io_cluster_deployment_v1_manifest.go b/internal/provider/hive_openshift_io_v1/hive_openshift_io_cluster_deployment_v1_manifest.go
index 38f77fcd4..2ca1673b4 100644
--- a/internal/provider/hive_openshift_io_v1/hive_openshift_io_cluster_deployment_v1_manifest.go
+++ b/internal/provider/hive_openshift_io_v1/hive_openshift_io_cluster_deployment_v1_manifest.go
@@ -178,7 +178,11 @@ type HiveOpenshiftIoClusterDeploymentV1ManifestData struct {
Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
ServiceAttachment *struct {
Subnet *struct {
- Cidr *string `tfsdk:"cidr" json:"cidr,omitempty"`
+ Cidr *string `tfsdk:"cidr" json:"cidr,omitempty"`
+ Existing *struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Project *string `tfsdk:"project" json:"project,omitempty"`
+ } `tfsdk:"existing" json:"existing,omitempty"`
} `tfsdk:"subnet" json:"subnet,omitempty"`
} `tfsdk:"service_attachment" json:"serviceAttachment,omitempty"`
} `tfsdk:"private_service_connect" json:"privateServiceConnect,omitempty"`
@@ -1203,12 +1207,37 @@ func (r *HiveOpenshiftIoClusterDeploymentV1Manifest) Schema(_ context.Context, _
MarkdownDescription: "Subnet configures the subnetwork that contains the service attachment.",
Attributes: map[string]schema.Attribute{
"cidr": schema.StringAttribute{
- Description: "Cidr configures the network cidr of the subnetwork that contains the service attachment.",
- MarkdownDescription: "Cidr configures the network cidr of the subnetwork that contains the service attachment.",
+ Description: "Cidr specifies the cidr to use when creating a service attachment subnet.",
+ MarkdownDescription: "Cidr specifies the cidr to use when creating a service attachment subnet.",
Required: false,
Optional: true,
Computed: false,
},
+
+ "existing": schema.SingleNestedAttribute{
+ Description: "Existing specifies a pre-existing subnet to use instead of creating a new service attachment subnet. This is required when using BYO VPCs. It must be in the same region as the api-int load balancer, be configured with a purpose of 'Private Service Connect', and have sufficient routing and firewall rules to access the api-int load balancer.",
+ MarkdownDescription: "Existing specifies a pre-existing subnet to use instead of creating a new service attachment subnet. This is required when using BYO VPCs. It must be in the same region as the api-int load balancer, be configured with a purpose of 'Private Service Connect', and have sufficient routing and firewall rules to access the api-int load balancer.",
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "Name specifies the name of the existing subnet.",
+ MarkdownDescription: "Name specifies the name of the existing subnet.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "project": schema.StringAttribute{
+ Description: "Project specifies the project the subnet exists in. This is required for Shared VPC.",
+ MarkdownDescription: "Project specifies the project the subnet exists in. This is required for Shared VPC.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
Required: false,
Optional: true,
diff --git a/internal/provider/hive_openshift_io_v1/hive_openshift_io_cluster_pool_v1_manifest.go b/internal/provider/hive_openshift_io_v1/hive_openshift_io_cluster_pool_v1_manifest.go
index c56af6a79..914f663f6 100644
--- a/internal/provider/hive_openshift_io_v1/hive_openshift_io_cluster_pool_v1_manifest.go
+++ b/internal/provider/hive_openshift_io_v1/hive_openshift_io_cluster_pool_v1_manifest.go
@@ -141,7 +141,11 @@ type HiveOpenshiftIoClusterPoolV1ManifestData struct {
Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
ServiceAttachment *struct {
Subnet *struct {
- Cidr *string `tfsdk:"cidr" json:"cidr,omitempty"`
+ Cidr *string `tfsdk:"cidr" json:"cidr,omitempty"`
+ Existing *struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Project *string `tfsdk:"project" json:"project,omitempty"`
+ } `tfsdk:"existing" json:"existing,omitempty"`
} `tfsdk:"subnet" json:"subnet,omitempty"`
} `tfsdk:"service_attachment" json:"serviceAttachment,omitempty"`
} `tfsdk:"private_service_connect" json:"privateServiceConnect,omitempty"`
@@ -896,12 +900,37 @@ func (r *HiveOpenshiftIoClusterPoolV1Manifest) Schema(_ context.Context, _ datas
MarkdownDescription: "Subnet configures the subnetwork that contains the service attachment.",
Attributes: map[string]schema.Attribute{
"cidr": schema.StringAttribute{
- Description: "Cidr configures the network cidr of the subnetwork that contains the service attachment.",
- MarkdownDescription: "Cidr configures the network cidr of the subnetwork that contains the service attachment.",
+ Description: "Cidr specifies the cidr to use when creating a service attachment subnet.",
+ MarkdownDescription: "Cidr specifies the cidr to use when creating a service attachment subnet.",
Required: false,
Optional: true,
Computed: false,
},
+
+ "existing": schema.SingleNestedAttribute{
+ Description: "Existing specifies a pre-existing subnet to use instead of creating a new service attachment subnet. This is required when using BYO VPCs. It must be in the same region as the api-int load balancer, be configured with a purpose of 'Private Service Connect', and have sufficient routing and firewall rules to access the api-int load balancer.",
+ MarkdownDescription: "Existing specifies a pre-existing subnet to use instead of creating a new service attachment subnet. This is required when using BYO VPCs. It must be in the same region as the api-int load balancer, be configured with a purpose of 'Private Service Connect', and have sufficient routing and firewall rules to access the api-int load balancer.",
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "Name specifies the name of the existing subnet.",
+ MarkdownDescription: "Name specifies the name of the existing subnet.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "project": schema.StringAttribute{
+ Description: "Project specifies the project the subnet exists in. This is required for Shared VPC.",
+ MarkdownDescription: "Project specifies the project the subnet exists in. This is required for Shared VPC.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
Required: false,
Optional: true,
diff --git a/internal/provider/hive_stackable_tech_v1alpha1/hive_stackable_tech_hive_cluster_v1alpha1_manifest.go b/internal/provider/hive_stackable_tech_v1alpha1/hive_stackable_tech_hive_cluster_v1alpha1_manifest.go
index ffe5d405b..85887e801 100644
--- a/internal/provider/hive_stackable_tech_v1alpha1/hive_stackable_tech_hive_cluster_v1alpha1_manifest.go
+++ b/internal/provider/hive_stackable_tech_v1alpha1/hive_stackable_tech_hive_cluster_v1alpha1_manifest.go
@@ -64,9 +64,10 @@ type HiveStackableTechHiveClusterV1Alpha1ManifestData struct {
AccessStyle *string `tfsdk:"access_style" json:"accessStyle,omitempty"`
Credentials *struct {
Scope *struct {
- Node *bool `tfsdk:"node" json:"node,omitempty"`
- Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
- Services *[]string `tfsdk:"services" json:"services,omitempty"`
+ ListenerVolumes *[]string `tfsdk:"listener_volumes" json:"listenerVolumes,omitempty"`
+ Node *bool `tfsdk:"node" json:"node,omitempty"`
+ Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
+ Services *[]string `tfsdk:"services" json:"services,omitempty"`
} `tfsdk:"scope" json:"scope,omitempty"`
SecretClass *string `tfsdk:"secret_class" json:"secretClass,omitempty"`
} `tfsdk:"credentials" json:"credentials,omitempty"`
@@ -402,8 +403,8 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
MarkdownDescription: "S3 connection specification. This can be either 'inline' or a 'reference' to an S3Connection object. Read the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3) to learn more.",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "Inline definition of an S3 connection.",
- MarkdownDescription: "Inline definition of an S3 connection.",
+ Description: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"access_style": schema.StringAttribute{
Description: "Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).",
@@ -424,6 +425,15 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
Description: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
MarkdownDescription: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
Attributes: map[string]schema.Attribute{
+ "listener_volumes": schema.ListAttribute{
+ Description: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ MarkdownDescription: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"node": schema.BoolAttribute{
Description: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
MarkdownDescription: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
@@ -468,10 +478,10 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
},
"host": schema.StringAttribute{
- Description: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- MarkdownDescription: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- Required: false,
- Optional: true,
+ Description: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ MarkdownDescription: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -487,8 +497,8 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
},
"tls": schema.SingleNestedAttribute{
- Description: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
- MarkdownDescription: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
+ Description: "Use a TLS connection. If not specified no TLS will be used.",
+ MarkdownDescription: "Use a TLS connection. If not specified no TLS will be used.",
Attributes: map[string]schema.Attribute{
"verification": schema.SingleNestedAttribute{
Description: "The verification method used to verify the certificates of the server and/or the client.",
@@ -554,8 +564,8 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3Connection resource.",
- MarkdownDescription: "A reference to an S3Connection resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
@@ -641,10 +651,10 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- Required: false,
- Optional: true,
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -700,8 +710,8 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -718,8 +728,8 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -727,8 +737,8 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -1098,8 +1108,8 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -1116,8 +1126,8 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -1125,8 +1135,8 @@ func (r *HiveStackableTechHiveClusterV1Alpha1Manifest) Schema(_ context.Context,
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
diff --git a/internal/provider/infinispan_org_v1/infinispan_org_infinispan_v1_manifest.go b/internal/provider/infinispan_org_v1/infinispan_org_infinispan_v1_manifest.go
index 03b872ee9..353dd2fff 100644
--- a/internal/provider/infinispan_org_v1/infinispan_org_infinispan_v1_manifest.go
+++ b/internal/provider/infinispan_org_v1/infinispan_org_infinispan_v1_manifest.go
@@ -221,6 +221,7 @@ type InfinispanOrgInfinispanV1ManifestData struct {
} `tfsdk:"jmx" json:"jmx,omitempty"`
Logging *struct {
Categories *map[string]string `tfsdk:"categories" json:"categories,omitempty"`
+ Pattern *string `tfsdk:"pattern" json:"pattern,omitempty"`
} `tfsdk:"logging" json:"logging,omitempty"`
Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
Scheduling *struct {
@@ -1739,6 +1740,14 @@ func (r *InfinispanOrgInfinispanV1Manifest) Schema(_ context.Context, _ datasour
Optional: true,
Computed: false,
},
+
+ "pattern": schema.StringAttribute{
+ Description: "A custom pattern to be applied to the Log4j STDOUT output",
+ MarkdownDescription: "A custom pattern to be applied to the Log4j STDOUT output",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
Required: false,
Optional: true,
diff --git a/internal/provider/infinispan_org_v2alpha1/infinispan_org_batch_v2alpha1_manifest.go b/internal/provider/infinispan_org_v2alpha1/infinispan_org_batch_v2alpha1_manifest.go
index 512bde02c..3dd319fbb 100644
--- a/internal/provider/infinispan_org_v2alpha1/infinispan_org_batch_v2alpha1_manifest.go
+++ b/internal/provider/infinispan_org_v2alpha1/infinispan_org_batch_v2alpha1_manifest.go
@@ -46,6 +46,10 @@ type InfinispanOrgBatchV2Alpha1ManifestData struct {
Cluster *string `tfsdk:"cluster" json:"cluster,omitempty"`
Config *string `tfsdk:"config" json:"config,omitempty"`
ConfigMap *string `tfsdk:"config_map" json:"configMap,omitempty"`
+ Container *struct {
+ Cpu *string `tfsdk:"cpu" json:"cpu,omitempty"`
+ Memory *string `tfsdk:"memory" json:"memory,omitempty"`
+ } `tfsdk:"container" json:"container,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
}
@@ -149,6 +153,31 @@ func (r *InfinispanOrgBatchV2Alpha1Manifest) Schema(_ context.Context, _ datasou
Optional: true,
Computed: false,
},
+
+ "container": schema.SingleNestedAttribute{
+ Description: "Specify resource requirements per container",
+ MarkdownDescription: "Specify resource requirements per container",
+ Attributes: map[string]schema.Attribute{
+ "cpu": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "memory": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
Required: false,
Optional: true,
diff --git a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.go b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.go
index c9b1bdc7f..5e21a2851 100644
--- a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.go
+++ b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_cluster_v1alpha3_manifest.go
@@ -673,8 +673,8 @@ func (r *InfrastructureClusterXK8SIoVsphereClusterV1Alpha3Manifest) Schema(_ con
},
"field_path": schema.StringAttribute{
- Description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
- MarkdownDescription: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
+ Description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.",
+ MarkdownDescription: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.go b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.go
index 946d91fc6..f4fe7638d 100644
--- a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.go
+++ b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha3_manifest.go
@@ -373,8 +373,8 @@ func (r *InfrastructureClusterXK8SIoVsphereMachineTemplateV1Alpha3Manifest) Sche
MarkdownDescription: "Network is the network configuration for this machine's VM.",
Attributes: map[string]schema.Attribute{
"devices": schema.ListNestedAttribute{
- Description: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
- MarkdownDescription: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
+ Description: "Devices is the list of network devices used by the virtual machine. ",
+ MarkdownDescription: "Devices is the list of network devices used by the virtual machine. ",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"device_name": schema.StringAttribute{
diff --git a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.go b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.go
index 523eb9596..60b9e902a 100644
--- a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.go
+++ b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha3_manifest.go
@@ -236,8 +236,8 @@ func (r *InfrastructureClusterXK8SIoVsphereMachineV1Alpha3Manifest) Schema(_ con
MarkdownDescription: "Network is the network configuration for this machine's VM.",
Attributes: map[string]schema.Attribute{
"devices": schema.ListNestedAttribute{
- Description: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
- MarkdownDescription: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
+ Description: "Devices is the list of network devices used by the virtual machine. ",
+ MarkdownDescription: "Devices is the list of network devices used by the virtual machine. ",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"device_name": schema.StringAttribute{
diff --git a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.go b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.go
index 125a3e498..63f2c2a01 100644
--- a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.go
+++ b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha3/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha3_manifest.go
@@ -195,8 +195,8 @@ func (r *InfrastructureClusterXK8SIoVsphereVmV1Alpha3Manifest) Schema(_ context.
},
"field_path": schema.StringAttribute{
- Description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
- MarkdownDescription: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
+ Description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.",
+ MarkdownDescription: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.",
Required: false,
Optional: true,
Computed: false,
@@ -309,8 +309,8 @@ func (r *InfrastructureClusterXK8SIoVsphereVmV1Alpha3Manifest) Schema(_ context.
MarkdownDescription: "Network is the network configuration for this machine's VM.",
Attributes: map[string]schema.Attribute{
"devices": schema.ListNestedAttribute{
- Description: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
- MarkdownDescription: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
+ Description: "Devices is the list of network devices used by the virtual machine. ",
+ MarkdownDescription: "Devices is the list of network devices used by the virtual machine. ",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"device_name": schema.StringAttribute{
diff --git a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.go b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.go
index d04950557..0277169bf 100644
--- a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.go
+++ b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1alpha4_manifest.go
@@ -279,8 +279,8 @@ func (r *InfrastructureClusterXK8SIoVsphereMachineTemplateV1Alpha4Manifest) Sche
MarkdownDescription: "Network is the network configuration for this machine's VM.",
Attributes: map[string]schema.Attribute{
"devices": schema.ListNestedAttribute{
- Description: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
- MarkdownDescription: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
+ Description: "Devices is the list of network devices used by the virtual machine. ",
+ MarkdownDescription: "Devices is the list of network devices used by the virtual machine. ",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"device_name": schema.StringAttribute{
diff --git a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.go b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.go
index 2a1a28ea2..256157e03 100644
--- a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.go
+++ b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1alpha4_manifest.go
@@ -236,8 +236,8 @@ func (r *InfrastructureClusterXK8SIoVsphereMachineV1Alpha4Manifest) Schema(_ con
MarkdownDescription: "Network is the network configuration for this machine's VM.",
Attributes: map[string]schema.Attribute{
"devices": schema.ListNestedAttribute{
- Description: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
- MarkdownDescription: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
+ Description: "Devices is the list of network devices used by the virtual machine. ",
+ MarkdownDescription: "Devices is the list of network devices used by the virtual machine. ",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"device_name": schema.StringAttribute{
diff --git a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.go b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.go
index 6b4730fb3..4d2a32e7d 100644
--- a/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.go
+++ b/internal/provider/infrastructure_cluster_x_k8s_io_v1alpha4/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1alpha4_manifest.go
@@ -195,8 +195,8 @@ func (r *InfrastructureClusterXK8SIoVsphereVmV1Alpha4Manifest) Schema(_ context.
},
"field_path": schema.StringAttribute{
- Description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
- MarkdownDescription: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
+ Description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.",
+ MarkdownDescription: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.",
Required: false,
Optional: true,
Computed: false,
@@ -309,8 +309,8 @@ func (r *InfrastructureClusterXK8SIoVsphereVmV1Alpha4Manifest) Schema(_ context.
MarkdownDescription: "Network is the network configuration for this machine's VM.",
Attributes: map[string]schema.Attribute{
"devices": schema.ListNestedAttribute{
- Description: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
- MarkdownDescription: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
+ Description: "Devices is the list of network devices used by the virtual machine. ",
+ MarkdownDescription: "Devices is the list of network devices used by the virtual machine. ",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"device_name": schema.StringAttribute{
diff --git a/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.go b/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.go
index 3be06bc9f..95490aa59 100644
--- a/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.go
+++ b/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_machine_template_v1beta1_manifest.go
@@ -344,8 +344,8 @@ func (r *InfrastructureClusterXK8SIoVsphereMachineTemplateV1Beta1Manifest) Schem
MarkdownDescription: "Network is the network configuration for this machine's VM.",
Attributes: map[string]schema.Attribute{
"devices": schema.ListNestedAttribute{
- Description: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
- MarkdownDescription: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
+ Description: "Devices is the list of network devices used by the virtual machine. ",
+ MarkdownDescription: "Devices is the list of network devices used by the virtual machine. ",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"addresses_from_pools": schema.ListNestedAttribute{
diff --git a/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.go b/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.go
index 12785d330..d196d1c1d 100644
--- a/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.go
+++ b/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_machine_v1beta1_manifest.go
@@ -301,8 +301,8 @@ func (r *InfrastructureClusterXK8SIoVsphereMachineV1Beta1Manifest) Schema(_ cont
MarkdownDescription: "Network is the network configuration for this machine's VM.",
Attributes: map[string]schema.Attribute{
"devices": schema.ListNestedAttribute{
- Description: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
- MarkdownDescription: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
+ Description: "Devices is the list of network devices used by the virtual machine. ",
+ MarkdownDescription: "Devices is the list of network devices used by the virtual machine. ",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"addresses_from_pools": schema.ListNestedAttribute{
diff --git a/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.go b/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.go
index 0cd63516c..de4b4bd6a 100644
--- a/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.go
+++ b/internal/provider/infrastructure_cluster_x_k8s_io_v1beta1/infrastructure_cluster_x_k8s_io_v_sphere_vm_v1beta1_manifest.go
@@ -244,8 +244,8 @@ func (r *InfrastructureClusterXK8SIoVsphereVmV1Beta1Manifest) Schema(_ context.C
},
"field_path": schema.StringAttribute{
- Description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
- MarkdownDescription: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object. TODO: this design is not final and this field is subject to change in the future.",
+ Description: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.",
+ MarkdownDescription: "If referring to a piece of an object instead of an entire object, this string should contain a valid JSON/Go field access statement, such as desiredState.manifest.containers[2]. For example, if the object reference is to a container within a pod, this would take on a value like: 'spec.containers{name}' (where 'name' refers to the name of the container that triggered the event) or if no container name is specified 'spec.containers[2]' (container with index 2 in this pod). This syntax is chosen only to have some well-defined way of referencing a part of an object.",
Required: false,
Optional: true,
Computed: false,
@@ -374,8 +374,8 @@ func (r *InfrastructureClusterXK8SIoVsphereVmV1Beta1Manifest) Schema(_ context.C
MarkdownDescription: "Network is the network configuration for this machine's VM.",
Attributes: map[string]schema.Attribute{
"devices": schema.ListNestedAttribute{
- Description: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
- MarkdownDescription: "Devices is the list of network devices used by the virtual machine. TODO(akutz) Make sure at least one network matches the ClusterSpec.CloudProviderConfiguration.Network.Name",
+ Description: "Devices is the list of network devices used by the virtual machine. ",
+ MarkdownDescription: "Devices is the list of network devices used by the virtual machine. ",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"addresses_from_pools": schema.ListNestedAttribute{
diff --git a/internal/provider/jaegertracing_io_v1/jaegertracing_io_jaeger_v1_manifest.go b/internal/provider/jaegertracing_io_v1/jaegertracing_io_jaeger_v1_manifest.go
index adc17437c..ab851fa0d 100644
--- a/internal/provider/jaegertracing_io_v1/jaegertracing_io_jaeger_v1_manifest.go
+++ b/internal/provider/jaegertracing_io_v1/jaegertracing_io_jaeger_v1_manifest.go
@@ -2773,6 +2773,7 @@ type JaegertracingIoJaegerV1ManifestData struct {
HtpasswdFile *string `tfsdk:"htpasswd_file" json:"htpasswdFile,omitempty"`
Sar *string `tfsdk:"sar" json:"sar,omitempty"`
SkipLogout *bool `tfsdk:"skip_logout" json:"skipLogout,omitempty"`
+ Timeout *string `tfsdk:"timeout" json:"timeout,omitempty"`
} `tfsdk:"openshift" json:"openshift,omitempty"`
Options *map[string]string `tfsdk:"options" json:"options,omitempty"`
PathType *string `tfsdk:"path_type" json:"pathType,omitempty"`
@@ -24440,6 +24441,14 @@ func (r *JaegertracingIoJaegerV1Manifest) Schema(_ context.Context, _ datasource
Optional: true,
Computed: false,
},
+
+ "timeout": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
Required: false,
Optional: true,
diff --git a/internal/provider/k6_io_v1alpha1/k6_io_k6_v1alpha1_manifest.go b/internal/provider/k6_io_v1alpha1/k6_io_k6_v1alpha1_manifest.go
index 704355f63..b9f16b7cd 100644
--- a/internal/provider/k6_io_v1alpha1/k6_io_k6_v1alpha1_manifest.go
+++ b/internal/provider/k6_io_v1alpha1/k6_io_k6_v1alpha1_manifest.go
@@ -89,6 +89,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -111,6 +113,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -134,6 +138,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -156,6 +162,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -172,7 +180,11 @@ type K6IoK6V1Alpha1ManifestData struct {
AutomountServiceAccountToken *string `tfsdk:"automount_service_account_token" json:"automountServiceAccountToken,omitempty"`
ContainerSecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -282,12 +294,13 @@ type K6IoK6V1Alpha1ManifestData struct {
Image *string `tfsdk:"image" json:"image,omitempty"`
Name *string `tfsdk:"name" json:"name,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
@@ -356,12 +369,17 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"readiness_probe" json:"readinessProbe,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
SecurityContext *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
@@ -377,8 +395,9 @@ type K6IoK6V1Alpha1ManifestData struct {
LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
- SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
- Sysctls *[]struct {
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ SupplementalGroupsPolicy *string `tfsdk:"supplemental_groups_policy" json:"supplementalGroupsPolicy,omitempty"`
+ Sysctls *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"sysctls" json:"sysctls,omitempty"`
@@ -415,12 +434,13 @@ type K6IoK6V1Alpha1ManifestData struct {
WhenUnsatisfiable *string `tfsdk:"when_unsatisfiable" json:"whenUnsatisfiable,omitempty"`
} `tfsdk:"topology_spread_constraints" json:"topologySpreadConstraints,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
Volumes *[]struct {
AwsElasticBlockStore *struct {
@@ -516,9 +536,6 @@ type K6IoK6V1Alpha1ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -530,9 +547,10 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -576,6 +594,10 @@ type K6IoK6V1Alpha1ManifestData struct {
Path *string `tfsdk:"path" json:"path,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"host_path" json:"hostPath,omitempty"`
+ Image *struct {
+ PullPolicy *string `tfsdk:"pull_policy" json:"pullPolicy,omitempty"`
+ Reference *string `tfsdk:"reference" json:"reference,omitempty"`
+ } `tfsdk:"image" json:"image,omitempty"`
Iscsi *struct {
ChapAuthDiscovery *bool `tfsdk:"chap_auth_discovery" json:"chapAuthDiscovery,omitempty"`
ChapAuthSession *bool `tfsdk:"chap_auth_session" json:"chapAuthSession,omitempty"`
@@ -613,6 +635,20 @@ type K6IoK6V1Alpha1ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -768,6 +804,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -790,6 +828,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -813,6 +853,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -835,6 +877,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -851,7 +895,11 @@ type K6IoK6V1Alpha1ManifestData struct {
AutomountServiceAccountToken *string `tfsdk:"automount_service_account_token" json:"automountServiceAccountToken,omitempty"`
ContainerSecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -961,12 +1009,13 @@ type K6IoK6V1Alpha1ManifestData struct {
Image *string `tfsdk:"image" json:"image,omitempty"`
Name *string `tfsdk:"name" json:"name,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
@@ -1035,12 +1084,17 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"readiness_probe" json:"readinessProbe,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
SecurityContext *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
@@ -1056,8 +1110,9 @@ type K6IoK6V1Alpha1ManifestData struct {
LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
- SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
- Sysctls *[]struct {
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ SupplementalGroupsPolicy *string `tfsdk:"supplemental_groups_policy" json:"supplementalGroupsPolicy,omitempty"`
+ Sysctls *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"sysctls" json:"sysctls,omitempty"`
@@ -1094,12 +1149,13 @@ type K6IoK6V1Alpha1ManifestData struct {
WhenUnsatisfiable *string `tfsdk:"when_unsatisfiable" json:"whenUnsatisfiable,omitempty"`
} `tfsdk:"topology_spread_constraints" json:"topologySpreadConstraints,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
Volumes *[]struct {
AwsElasticBlockStore *struct {
@@ -1195,9 +1251,6 @@ type K6IoK6V1Alpha1ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -1209,9 +1262,10 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -1255,6 +1309,10 @@ type K6IoK6V1Alpha1ManifestData struct {
Path *string `tfsdk:"path" json:"path,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"host_path" json:"hostPath,omitempty"`
+ Image *struct {
+ PullPolicy *string `tfsdk:"pull_policy" json:"pullPolicy,omitempty"`
+ Reference *string `tfsdk:"reference" json:"reference,omitempty"`
+ } `tfsdk:"image" json:"image,omitempty"`
Iscsi *struct {
ChapAuthDiscovery *bool `tfsdk:"chap_auth_discovery" json:"chapAuthDiscovery,omitempty"`
ChapAuthSession *bool `tfsdk:"chap_auth_session" json:"chapAuthSession,omitempty"`
@@ -1292,6 +1350,20 @@ type K6IoK6V1Alpha1ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1462,6 +1534,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1484,6 +1558,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1507,6 +1583,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1529,6 +1607,8 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1545,7 +1625,11 @@ type K6IoK6V1Alpha1ManifestData struct {
AutomountServiceAccountToken *string `tfsdk:"automount_service_account_token" json:"automountServiceAccountToken,omitempty"`
ContainerSecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -1655,12 +1739,13 @@ type K6IoK6V1Alpha1ManifestData struct {
Image *string `tfsdk:"image" json:"image,omitempty"`
Name *string `tfsdk:"name" json:"name,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
@@ -1729,12 +1814,17 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"readiness_probe" json:"readinessProbe,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
SecurityContext *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
@@ -1750,8 +1840,9 @@ type K6IoK6V1Alpha1ManifestData struct {
LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
- SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
- Sysctls *[]struct {
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ SupplementalGroupsPolicy *string `tfsdk:"supplemental_groups_policy" json:"supplementalGroupsPolicy,omitempty"`
+ Sysctls *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"sysctls" json:"sysctls,omitempty"`
@@ -1788,12 +1879,13 @@ type K6IoK6V1Alpha1ManifestData struct {
WhenUnsatisfiable *string `tfsdk:"when_unsatisfiable" json:"whenUnsatisfiable,omitempty"`
} `tfsdk:"topology_spread_constraints" json:"topologySpreadConstraints,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
Volumes *[]struct {
AwsElasticBlockStore *struct {
@@ -1889,9 +1981,6 @@ type K6IoK6V1Alpha1ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -1903,9 +1992,10 @@ type K6IoK6V1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -1949,6 +2039,10 @@ type K6IoK6V1Alpha1ManifestData struct {
Path *string `tfsdk:"path" json:"path,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"host_path" json:"hostPath,omitempty"`
+ Image *struct {
+ PullPolicy *string `tfsdk:"pull_policy" json:"pullPolicy,omitempty"`
+ Reference *string `tfsdk:"reference" json:"reference,omitempty"`
+ } `tfsdk:"image" json:"image,omitempty"`
Iscsi *struct {
ChapAuthDiscovery *bool `tfsdk:"chap_auth_discovery" json:"chapAuthDiscovery,omitempty"`
ChapAuthSession *bool `tfsdk:"chap_auth_session" json:"chapAuthSession,omitempty"`
@@ -1986,6 +2080,20 @@ type K6IoK6V1Alpha1ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -2464,6 +2572,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -2613,6 +2739,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -2762,6 +2906,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -2911,6 +3073,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -3018,6 +3198,31 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -3774,6 +3979,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -4248,6 +4461,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -4282,6 +4503,31 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"fs_group": schema.Int64Attribute{
Description: "",
MarkdownDescription: "",
@@ -4397,6 +4643,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "supplemental_groups_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sysctls": schema.ListNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -4688,6 +4942,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -5325,25 +5587,6 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "",
- MarkdownDescription: "",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "",
MarkdownDescription: "",
@@ -5429,6 +5672,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "volume_attributes_class_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"volume_mode": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -5727,6 +5978,31 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "image": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "pull_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "reference": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"iscsi": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -5975,33 +6251,128 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
MarkdownDescription: "",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
- "config_map": schema.SingleNestedAttribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
- "items": schema.ListNestedAttribute{
+ "label_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "key": schema.StringAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: true,
- Optional: false,
- Computed: false,
- },
-
- "mode": schema.Int64Attribute{
- Description: "",
- MarkdownDescription: "",
- Required: false,
- Optional: true,
- Computed: false,
- },
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
- "path": schema.StringAttribute{
- Description: "",
+ "operator": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "config_map": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "items": schema.ListNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "mode": schema.Int64Attribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "",
MarkdownDescription: "",
Required: true,
Optional: false,
@@ -7000,6 +7371,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -7149,6 +7538,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -7298,6 +7705,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -7447,6 +7872,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -7554,6 +7997,31 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -8310,6 +8778,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -8784,6 +9260,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -8818,6 +9302,31 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"fs_group": schema.Int64Attribute{
Description: "",
MarkdownDescription: "",
@@ -8933,6 +9442,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "supplemental_groups_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sysctls": schema.ListNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -9224,6 +9741,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -9861,25 +10386,6 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "",
- MarkdownDescription: "",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "",
MarkdownDescription: "",
@@ -9965,7 +10471,7 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
- "volume_mode": schema.StringAttribute{
+ "volume_attributes_class_name": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
Required: false,
@@ -9973,16 +10479,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
- "volume_name": schema.StringAttribute{
+ "volume_mode": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
},
- },
- Required: true,
- Optional: false,
+
+ "volume_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -10263,6 +10777,31 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "image": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "pull_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "reference": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"iscsi": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -10511,6 +11050,101 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
MarkdownDescription: "",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "label_selector": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "operator": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"config_map": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -11633,6 +12267,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -11782,6 +12434,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -11931,6 +12601,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -12080,6 +12768,24 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -12187,6 +12893,31 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -12943,6 +13674,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -13417,6 +14156,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -13451,6 +14198,31 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"fs_group": schema.Int64Attribute{
Description: "",
MarkdownDescription: "",
@@ -13566,6 +14338,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "supplemental_groups_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sysctls": schema.ListNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -13857,6 +14637,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -14494,25 +15282,6 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "",
- MarkdownDescription: "",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "",
MarkdownDescription: "",
@@ -14598,6 +15367,14 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "volume_attributes_class_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"volume_mode": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -14896,6 +15673,31 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
Computed: false,
},
+ "image": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "pull_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "reference": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"iscsi": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -15144,6 +15946,101 @@ func (r *K6IoK6V1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRe
MarkdownDescription: "",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "label_selector": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "operator": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"config_map": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
diff --git a/internal/provider/k6_io_v1alpha1/k6_io_private_load_zone_v1alpha1_manifest.go b/internal/provider/k6_io_v1alpha1/k6_io_private_load_zone_v1alpha1_manifest.go
index ab71ebe06..7d490e495 100644
--- a/internal/provider/k6_io_v1alpha1/k6_io_private_load_zone_v1alpha1_manifest.go
+++ b/internal/provider/k6_io_v1alpha1/k6_io_private_load_zone_v1alpha1_manifest.go
@@ -50,7 +50,8 @@ type K6IoPrivateLoadZoneV1Alpha1ManifestData struct {
NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -189,6 +190,14 @@ func (r *K6IoPrivateLoadZoneV1Alpha1Manifest) Schema(_ context.Context, _ dataso
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
diff --git a/internal/provider/k6_io_v1alpha1/k6_io_test_run_v1alpha1_manifest.go b/internal/provider/k6_io_v1alpha1/k6_io_test_run_v1alpha1_manifest.go
index d1812f9ff..f55aa3a9d 100644
--- a/internal/provider/k6_io_v1alpha1/k6_io_test_run_v1alpha1_manifest.go
+++ b/internal/provider/k6_io_v1alpha1/k6_io_test_run_v1alpha1_manifest.go
@@ -89,6 +89,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -111,6 +113,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -134,6 +138,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -156,6 +162,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -172,7 +180,11 @@ type K6IoTestRunV1Alpha1ManifestData struct {
AutomountServiceAccountToken *string `tfsdk:"automount_service_account_token" json:"automountServiceAccountToken,omitempty"`
ContainerSecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -282,12 +294,13 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Image *string `tfsdk:"image" json:"image,omitempty"`
Name *string `tfsdk:"name" json:"name,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
@@ -356,12 +369,17 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"readiness_probe" json:"readinessProbe,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
SecurityContext *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
@@ -377,8 +395,9 @@ type K6IoTestRunV1Alpha1ManifestData struct {
LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
- SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
- Sysctls *[]struct {
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ SupplementalGroupsPolicy *string `tfsdk:"supplemental_groups_policy" json:"supplementalGroupsPolicy,omitempty"`
+ Sysctls *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"sysctls" json:"sysctls,omitempty"`
@@ -415,12 +434,13 @@ type K6IoTestRunV1Alpha1ManifestData struct {
WhenUnsatisfiable *string `tfsdk:"when_unsatisfiable" json:"whenUnsatisfiable,omitempty"`
} `tfsdk:"topology_spread_constraints" json:"topologySpreadConstraints,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
Volumes *[]struct {
AwsElasticBlockStore *struct {
@@ -516,9 +536,6 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -530,9 +547,10 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -576,6 +594,10 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Path *string `tfsdk:"path" json:"path,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"host_path" json:"hostPath,omitempty"`
+ Image *struct {
+ PullPolicy *string `tfsdk:"pull_policy" json:"pullPolicy,omitempty"`
+ Reference *string `tfsdk:"reference" json:"reference,omitempty"`
+ } `tfsdk:"image" json:"image,omitempty"`
Iscsi *struct {
ChapAuthDiscovery *bool `tfsdk:"chap_auth_discovery" json:"chapAuthDiscovery,omitempty"`
ChapAuthSession *bool `tfsdk:"chap_auth_session" json:"chapAuthSession,omitempty"`
@@ -613,6 +635,20 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -768,6 +804,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -790,6 +828,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -813,6 +853,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -835,6 +877,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -851,7 +895,11 @@ type K6IoTestRunV1Alpha1ManifestData struct {
AutomountServiceAccountToken *string `tfsdk:"automount_service_account_token" json:"automountServiceAccountToken,omitempty"`
ContainerSecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -961,12 +1009,13 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Image *string `tfsdk:"image" json:"image,omitempty"`
Name *string `tfsdk:"name" json:"name,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
@@ -1035,12 +1084,17 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"readiness_probe" json:"readinessProbe,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
SecurityContext *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
@@ -1056,8 +1110,9 @@ type K6IoTestRunV1Alpha1ManifestData struct {
LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
- SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
- Sysctls *[]struct {
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ SupplementalGroupsPolicy *string `tfsdk:"supplemental_groups_policy" json:"supplementalGroupsPolicy,omitempty"`
+ Sysctls *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"sysctls" json:"sysctls,omitempty"`
@@ -1094,12 +1149,13 @@ type K6IoTestRunV1Alpha1ManifestData struct {
WhenUnsatisfiable *string `tfsdk:"when_unsatisfiable" json:"whenUnsatisfiable,omitempty"`
} `tfsdk:"topology_spread_constraints" json:"topologySpreadConstraints,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
Volumes *[]struct {
AwsElasticBlockStore *struct {
@@ -1195,9 +1251,6 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -1209,9 +1262,10 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -1255,6 +1309,10 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Path *string `tfsdk:"path" json:"path,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"host_path" json:"hostPath,omitempty"`
+ Image *struct {
+ PullPolicy *string `tfsdk:"pull_policy" json:"pullPolicy,omitempty"`
+ Reference *string `tfsdk:"reference" json:"reference,omitempty"`
+ } `tfsdk:"image" json:"image,omitempty"`
Iscsi *struct {
ChapAuthDiscovery *bool `tfsdk:"chap_auth_discovery" json:"chapAuthDiscovery,omitempty"`
ChapAuthSession *bool `tfsdk:"chap_auth_session" json:"chapAuthSession,omitempty"`
@@ -1292,6 +1350,20 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1462,6 +1534,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1484,6 +1558,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1507,6 +1583,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1529,6 +1607,8 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1545,7 +1625,11 @@ type K6IoTestRunV1Alpha1ManifestData struct {
AutomountServiceAccountToken *string `tfsdk:"automount_service_account_token" json:"automountServiceAccountToken,omitempty"`
ContainerSecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -1655,12 +1739,13 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Image *string `tfsdk:"image" json:"image,omitempty"`
Name *string `tfsdk:"name" json:"name,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
@@ -1729,12 +1814,17 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"readiness_probe" json:"readinessProbe,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
SecurityContext *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
@@ -1750,8 +1840,9 @@ type K6IoTestRunV1Alpha1ManifestData struct {
LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
- SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
- Sysctls *[]struct {
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ SupplementalGroupsPolicy *string `tfsdk:"supplemental_groups_policy" json:"supplementalGroupsPolicy,omitempty"`
+ Sysctls *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"sysctls" json:"sysctls,omitempty"`
@@ -1788,12 +1879,13 @@ type K6IoTestRunV1Alpha1ManifestData struct {
WhenUnsatisfiable *string `tfsdk:"when_unsatisfiable" json:"whenUnsatisfiable,omitempty"`
} `tfsdk:"topology_spread_constraints" json:"topologySpreadConstraints,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
Volumes *[]struct {
AwsElasticBlockStore *struct {
@@ -1889,9 +1981,6 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -1903,9 +1992,10 @@ type K6IoTestRunV1Alpha1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -1949,6 +2039,10 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Path *string `tfsdk:"path" json:"path,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"host_path" json:"hostPath,omitempty"`
+ Image *struct {
+ PullPolicy *string `tfsdk:"pull_policy" json:"pullPolicy,omitempty"`
+ Reference *string `tfsdk:"reference" json:"reference,omitempty"`
+ } `tfsdk:"image" json:"image,omitempty"`
Iscsi *struct {
ChapAuthDiscovery *bool `tfsdk:"chap_auth_discovery" json:"chapAuthDiscovery,omitempty"`
ChapAuthSession *bool `tfsdk:"chap_auth_session" json:"chapAuthSession,omitempty"`
@@ -1986,6 +2080,20 @@ type K6IoTestRunV1Alpha1ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -2464,6 +2572,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -2613,6 +2739,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -2762,6 +2906,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -2911,6 +3073,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -3018,6 +3198,31 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -3774,6 +3979,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -4248,6 +4461,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -4282,6 +4503,31 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"fs_group": schema.Int64Attribute{
Description: "",
MarkdownDescription: "",
@@ -4397,6 +4643,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "supplemental_groups_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sysctls": schema.ListNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -4688,6 +4942,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -5325,25 +5587,6 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "",
- MarkdownDescription: "",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "",
MarkdownDescription: "",
@@ -5429,6 +5672,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "volume_attributes_class_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"volume_mode": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -5727,6 +5978,31 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "image": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "pull_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "reference": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"iscsi": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -5975,33 +6251,128 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
MarkdownDescription: "",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
- "config_map": schema.SingleNestedAttribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
- "items": schema.ListNestedAttribute{
+ "label_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "key": schema.StringAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: true,
- Optional: false,
- Computed: false,
- },
-
- "mode": schema.Int64Attribute{
- Description: "",
- MarkdownDescription: "",
- Required: false,
- Optional: true,
- Computed: false,
- },
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
- "path": schema.StringAttribute{
- Description: "",
+ "operator": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "config_map": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "items": schema.ListNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "mode": schema.Int64Attribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "",
MarkdownDescription: "",
Required: true,
Optional: false,
@@ -7000,6 +7371,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -7149,6 +7538,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -7298,6 +7705,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -7447,6 +7872,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -7554,6 +7997,31 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -8310,6 +8778,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -8784,6 +9260,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -8818,6 +9302,31 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"fs_group": schema.Int64Attribute{
Description: "",
MarkdownDescription: "",
@@ -8933,6 +9442,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "supplemental_groups_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sysctls": schema.ListNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -9224,6 +9741,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -9861,25 +10386,6 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "",
- MarkdownDescription: "",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "",
MarkdownDescription: "",
@@ -9965,7 +10471,7 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
- "volume_mode": schema.StringAttribute{
+ "volume_attributes_class_name": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
Required: false,
@@ -9973,16 +10479,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
- "volume_name": schema.StringAttribute{
+ "volume_mode": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
},
- },
- Required: true,
- Optional: false,
+
+ "volume_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -10263,6 +10777,31 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "image": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "pull_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "reference": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"iscsi": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -10511,6 +11050,101 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
MarkdownDescription: "",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "label_selector": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "operator": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"config_map": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -11633,6 +12267,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -11782,6 +12434,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -11931,6 +12601,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -12080,6 +12768,24 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -12187,6 +12893,31 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -12943,6 +13674,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -13417,6 +14156,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -13451,6 +14198,31 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"fs_group": schema.Int64Attribute{
Description: "",
MarkdownDescription: "",
@@ -13566,6 +14338,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "supplemental_groups_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sysctls": schema.ListNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -13857,6 +14637,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -14494,25 +15282,6 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Description: "",
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "",
- MarkdownDescription: "",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "",
MarkdownDescription: "",
@@ -14598,6 +15367,14 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "volume_attributes_class_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"volume_mode": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -14896,6 +15673,31 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
Computed: false,
},
+ "image": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "pull_policy": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "reference": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"iscsi": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
@@ -15144,6 +15946,101 @@ func (r *K6IoTestRunV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sch
MarkdownDescription: "",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "label_selector": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "operator": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"config_map": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
diff --git a/internal/provider/k8s_mariadb_com_v1alpha1/k8s_mariadb_com_backup_v1alpha1_manifest.go b/internal/provider/k8s_mariadb_com_v1alpha1/k8s_mariadb_com_backup_v1alpha1_manifest.go
index beb0c6394..93472ccfc 100644
--- a/internal/provider/k8s_mariadb_com_v1alpha1/k8s_mariadb_com_backup_v1alpha1_manifest.go
+++ b/internal/provider/k8s_mariadb_com_v1alpha1/k8s_mariadb_com_backup_v1alpha1_manifest.go
@@ -76,6 +76,7 @@ type K8SMariadbComBackupV1Alpha1ManifestData struct {
} `tfsdk:"affinity" json:"affinity,omitempty"`
Args *[]string `tfsdk:"args" json:"args,omitempty"`
BackoffLimit *int64 `tfsdk:"backoff_limit" json:"backoffLimit,omitempty"`
+ Compression *string `tfsdk:"compression" json:"compression,omitempty"`
Databases *[]string `tfsdk:"databases" json:"databases,omitempty"`
FailedJobsHistoryLimit *int64 `tfsdk:"failed_jobs_history_limit" json:"failedJobsHistoryLimit,omitempty"`
IgnoreGlobalPriv *bool `tfsdk:"ignore_global_priv" json:"ignoreGlobalPriv,omitempty"`
@@ -516,6 +517,17 @@ func (r *K8SMariadbComBackupV1Alpha1Manifest) Schema(_ context.Context, _ dataso
Computed: false,
},
+ "compression": schema.StringAttribute{
+ Description: "Compression algorithm to be used in the Backup.",
+ MarkdownDescription: "Compression algorithm to be used in the Backup.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("none", "bzip2", "gzip"),
+ },
+ },
+
"databases": schema.ListAttribute{
Description: "Databases defines the logical databases to be backed up. If not provided, all databases are backed up.",
MarkdownDescription: "Databases defines the logical databases to be backed up. If not provided, all databases are backed up.",
diff --git a/internal/provider/k8s_mariadb_com_v1alpha1/k8s_mariadb_com_maria_db_v1alpha1_manifest.go b/internal/provider/k8s_mariadb_com_v1alpha1/k8s_mariadb_com_maria_db_v1alpha1_manifest.go
index 523683490..7dcb75f3c 100644
--- a/internal/provider/k8s_mariadb_com_v1alpha1/k8s_mariadb_com_maria_db_v1alpha1_manifest.go
+++ b/internal/provider/k8s_mariadb_com_v1alpha1/k8s_mariadb_com_maria_db_v1alpha1_manifest.go
@@ -455,8 +455,10 @@ type K8SMariadbComMariaDbV1Alpha1ManifestData struct {
ProviderOptions *map[string]string `tfsdk:"provider_options" json:"providerOptions,omitempty"`
Recovery *struct {
ClusterBootstrapTimeout *string `tfsdk:"cluster_bootstrap_timeout" json:"clusterBootstrapTimeout,omitempty"`
+ ClusterDownscaleTimeout *string `tfsdk:"cluster_downscale_timeout" json:"clusterDownscaleTimeout,omitempty"`
ClusterHealthyTimeout *string `tfsdk:"cluster_healthy_timeout" json:"clusterHealthyTimeout,omitempty"`
ClusterMonitorInterval *string `tfsdk:"cluster_monitor_interval" json:"clusterMonitorInterval,omitempty"`
+ ClusterUpscaleTimeout *string `tfsdk:"cluster_upscale_timeout" json:"clusterUpscaleTimeout,omitempty"`
Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
ForceClusterBootstrapInPod *string `tfsdk:"force_cluster_bootstrap_in_pod" json:"forceClusterBootstrapInPod,omitempty"`
Job *struct {
@@ -3977,6 +3979,14 @@ func (r *K8SMariadbComMariaDbV1Alpha1Manifest) Schema(_ context.Context, _ datas
Computed: false,
},
+ "cluster_downscale_timeout": schema.StringAttribute{
+ Description: "ClusterDownscaleTimeout represents the maximum duration for downscaling the cluster's StatefulSet during the recovery process.",
+ MarkdownDescription: "ClusterDownscaleTimeout represents the maximum duration for downscaling the cluster's StatefulSet during the recovery process.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"cluster_healthy_timeout": schema.StringAttribute{
Description: "ClusterHealthyTimeout represents the duration at which a Galera cluster, that consistently failed health checks, is considered unhealthy, and consequently the Galera recovery process will be initiated by the operator.",
MarkdownDescription: "ClusterHealthyTimeout represents the duration at which a Galera cluster, that consistently failed health checks, is considered unhealthy, and consequently the Galera recovery process will be initiated by the operator.",
@@ -3993,6 +4003,14 @@ func (r *K8SMariadbComMariaDbV1Alpha1Manifest) Schema(_ context.Context, _ datas
Computed: false,
},
+ "cluster_upscale_timeout": schema.StringAttribute{
+ Description: "ClusterUpscaleTimeout represents the maximum duration for upscaling the cluster's StatefulSet during the recovery process.",
+ MarkdownDescription: "ClusterUpscaleTimeout represents the maximum duration for upscaling the cluster's StatefulSet during the recovery process.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"enabled": schema.BoolAttribute{
Description: "Enabled is a flag to enable GaleraRecovery.",
MarkdownDescription: "Enabled is a flag to enable GaleraRecovery.",
@@ -4081,8 +4099,8 @@ func (r *K8SMariadbComMariaDbV1Alpha1Manifest) Schema(_ context.Context, _ datas
},
"min_cluster_size": schema.StringAttribute{
- Description: "MinClusterSize is the minimum number of replicas to consider the cluster healthy. It can be either a number of replicas (1) or a percentage (50%). If Galera consistently reports less replicas than this value for the given 'ClusterHealthyTimeout' interval, a cluster recovery is iniated. It defaults to '1' replica.",
- MarkdownDescription: "MinClusterSize is the minimum number of replicas to consider the cluster healthy. It can be either a number of replicas (1) or a percentage (50%). If Galera consistently reports less replicas than this value for the given 'ClusterHealthyTimeout' interval, a cluster recovery is iniated. It defaults to '1' replica.",
+ Description: "MinClusterSize is the minimum number of replicas to consider the cluster healthy. It can be either a number of replicas (1) or a percentage (50%). If Galera consistently reports less replicas than this value for the given 'ClusterHealthyTimeout' interval, a cluster recovery is iniated. It defaults to '1' replica, and it is highly recommendeded to keep this value at '1' in most cases. If set to more than one replica, the cluster recovery process may restart the healthy replicas as well.",
+ MarkdownDescription: "MinClusterSize is the minimum number of replicas to consider the cluster healthy. It can be either a number of replicas (1) or a percentage (50%). If Galera consistently reports less replicas than this value for the given 'ClusterHealthyTimeout' interval, a cluster recovery is iniated. It defaults to '1' replica, and it is highly recommendeded to keep this value at '1' in most cases. If set to more than one replica, the cluster recovery process may restart the healthy replicas as well.",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/kafka_services_k8s_aws_v1alpha1/kafka_services_k8s_aws_cluster_v1alpha1_manifest.go b/internal/provider/kafka_services_k8s_aws_v1alpha1/kafka_services_k8s_aws_cluster_v1alpha1_manifest.go
index f878e855c..66be029e8 100644
--- a/internal/provider/kafka_services_k8s_aws_v1alpha1/kafka_services_k8s_aws_cluster_v1alpha1_manifest.go
+++ b/internal/provider/kafka_services_k8s_aws_v1alpha1/kafka_services_k8s_aws_cluster_v1alpha1_manifest.go
@@ -55,7 +55,7 @@ type KafkaServicesK8SAwsClusterV1Alpha1ManifestData struct {
ClientSubnets *[]string `tfsdk:"client_subnets" json:"clientSubnets,omitempty"`
ConnectivityInfo *struct {
PublicAccess *struct {
- Type_ *string `tfsdk:"type_" json:"type_,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"public_access" json:"publicAccess,omitempty"`
} `tfsdk:"connectivity_info" json:"connectivityInfo,omitempty"`
InstanceType *string `tfsdk:"instance_type" json:"instanceType,omitempty"`
@@ -287,7 +287,7 @@ func (r *KafkaServicesK8SAwsClusterV1Alpha1Manifest) Schema(_ context.Context, _
Description: "Broker public access control.",
MarkdownDescription: "Broker public access control.",
Attributes: map[string]schema.Attribute{
- "type_": schema.StringAttribute{
+ "type": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
Required: false,
diff --git a/internal/provider/kiali_io_v1alpha1/kiali_io_kiali_v1alpha1_manifest.go b/internal/provider/kiali_io_v1alpha1/kiali_io_kiali_v1alpha1_manifest.go
index cf98938ca..83fce820a 100644
--- a/internal/provider/kiali_io_v1alpha1/kiali_io_kiali_v1alpha1_manifest.go
+++ b/internal/provider/kiali_io_v1alpha1/kiali_io_kiali_v1alpha1_manifest.go
@@ -166,6 +166,10 @@ type KialiIoKialiV1Alpha1ManifestData struct {
Version_label *string `tfsdk:"version_label" json:"version_label,omitempty"`
View_only_mode *bool `tfsdk:"view_only_mode" json:"view_only_mode,omitempty"`
} `tfsdk:"deployment" json:"deployment,omitempty"`
+ Extensions *[]struct {
+ Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ } `tfsdk:"extensions" json:"extensions,omitempty"`
External_services *struct {
Custom_dashboards *struct {
Discovery_auto_threshold *int64 `tfsdk:"discovery_auto_threshold" json:"discovery_auto_threshold,omitempty"`
@@ -337,10 +341,6 @@ type KialiIoKialiV1Alpha1ManifestData struct {
} `tfsdk:"istio_labels" json:"istio_labels,omitempty"`
Istio_namespace *string `tfsdk:"istio_namespace" json:"istio_namespace,omitempty"`
Kiali_feature_flags *struct {
- Certificates_information_indicators *struct {
- Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
- Secrets *[]string `tfsdk:"secrets" json:"secrets,omitempty"`
- } `tfsdk:"certificates_information_indicators" json:"certificates_information_indicators,omitempty"`
Disabled_features *[]string `tfsdk:"disabled_features" json:"disabled_features,omitempty"`
Istio_annotation_action *bool `tfsdk:"istio_annotation_action" json:"istio_annotation_action,omitempty"`
Istio_injection_action *bool `tfsdk:"istio_injection_action" json:"istio_injection_action,omitempty"`
@@ -1406,6 +1406,33 @@ func (r *KialiIoKialiV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sc
Computed: false,
},
+ "extensions": schema.ListNestedAttribute{
+ Description: "Defines third-party extensions whose metrics can be integrated into the Kiali traffic graph. ",
+ MarkdownDescription: "Defines third-party extensions whose metrics can be integrated into the Kiali traffic graph. ",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "enabled": schema.BoolAttribute{
+ Description: "Determines if the Kiali traffic graph should incorporate the extension's metrics.",
+ MarkdownDescription: "Determines if the Kiali traffic graph should incorporate the extension's metrics.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "The name that is used to identify the metric time series for the extension.",
+ MarkdownDescription: "The name that is used to identify the metric time series for the extension.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"external_services": schema.SingleNestedAttribute{
Description: "These external service configuration settings define how to connect to the external services like Prometheus, Grafana, and Jaeger. Regarding sensitive values in the external_services 'auth' sections: Some external services configured below support an 'auth' sub-section in order to tell Kiali how it should authenticate with the external services. Credentials used to authenticate Kiali to those external services can be defined in the 'auth.password' and 'auth.token' values within the 'auth' sub-section. Because these are sensitive values, you may not want to declare the actual credentials here in the Kiali CR. In this case, you may store the actual password or token string in a Kubernetes secret. If you do, you need to set the 'auth.password' or 'auth.token' to a value in the format 'secret::' where '' is the name of the secret object that Kiali can access, and '' is the name of the key within the named secret that contains the actual password or token string. For example, if Grafana requires a password, you can store that password in a secret named 'myGrafanaCredentials' in a key named 'myGrafanaPw'. In this case, you would set 'external_services.grafana.auth.password' to 'secret:myGrafanaCredentials:myGrafanaPw'. ",
MarkdownDescription: "These external service configuration settings define how to connect to the external services like Prometheus, Grafana, and Jaeger. Regarding sensitive values in the external_services 'auth' sections: Some external services configured below support an 'auth' sub-section in order to tell Kiali how it should authenticate with the external services. Credentials used to authenticate Kiali to those external services can be defined in the 'auth.password' and 'auth.token' values within the 'auth' sub-section. Because these are sensitive values, you may not want to declare the actual credentials here in the Kiali CR. In this case, you may store the actual password or token string in a Kubernetes secret. If you do, you need to set the 'auth.password' or 'auth.token' to a value in the format 'secret::' where '' is the name of the secret object that Kiali can access, and '' is the name of the key within the named secret that contains the actual password or token string. For example, if Grafana requires a password, you can store that password in a secret named 'myGrafanaCredentials' in a key named 'myGrafanaPw'. In this case, you would set 'external_services.grafana.auth.password' to 'secret:myGrafanaCredentials:myGrafanaPw'. ",
@@ -2612,32 +2639,6 @@ func (r *KialiIoKialiV1Alpha1Manifest) Schema(_ context.Context, _ datasource.Sc
Description: "Kiali features that can be enabled or disabled.",
MarkdownDescription: "Kiali features that can be enabled or disabled.",
Attributes: map[string]schema.Attribute{
- "certificates_information_indicators": schema.SingleNestedAttribute{
- Description: "Flag to enable/disable displaying certificates information and which secrets to grant read permissions.",
- MarkdownDescription: "Flag to enable/disable displaying certificates information and which secrets to grant read permissions.",
- Attributes: map[string]schema.Attribute{
- "enabled": schema.BoolAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: false,
- Optional: true,
- Computed: false,
- },
-
- "secrets": schema.ListAttribute{
- Description: "",
- MarkdownDescription: "",
- ElementType: types.StringType,
- Required: false,
- Optional: true,
- Computed: false,
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"disabled_features": schema.ListAttribute{
Description: "There may be some features that admins do not want to be accessible to users (even in 'view only' mode). In this case, this setting allows you to disable one or more of those features entirely.",
MarkdownDescription: "There may be some features that admins do not want to be accessible to users (even in 'view only' mode). In this case, this setting allows you to disable one or more of those features entirely.",
diff --git a/internal/provider/kuadrant_io_v1alpha1/kuadrant_io_dns_record_v1alpha1_manifest.go b/internal/provider/kuadrant_io_v1alpha1/kuadrant_io_dns_record_v1alpha1_manifest.go
index e34ee2500..0fccd67aa 100644
--- a/internal/provider/kuadrant_io_v1alpha1/kuadrant_io_dns_record_v1alpha1_manifest.go
+++ b/internal/provider/kuadrant_io_v1alpha1/kuadrant_io_dns_record_v1alpha1_manifest.go
@@ -57,10 +57,15 @@ type KuadrantIoDnsrecordV1Alpha1ManifestData struct {
Targets *[]string `tfsdk:"targets" json:"targets,omitempty"`
} `tfsdk:"endpoints" json:"endpoints,omitempty"`
HealthCheck *struct {
- Endpoint *string `tfsdk:"endpoint" json:"endpoint,omitempty"`
- FailureThreshold *int64 `tfsdk:"failure_threshold" json:"failureThreshold,omitempty"`
- Port *int64 `tfsdk:"port" json:"port,omitempty"`
- Protocol *string `tfsdk:"protocol" json:"protocol,omitempty"`
+ AdditionalHeadersRef *struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ } `tfsdk:"additional_headers_ref" json:"additionalHeadersRef,omitempty"`
+ AllowInsecureCertificate *bool `tfsdk:"allow_insecure_certificate" json:"allowInsecureCertificate,omitempty"`
+ FailureThreshold *int64 `tfsdk:"failure_threshold" json:"failureThreshold,omitempty"`
+ Interval *string `tfsdk:"interval" json:"interval,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ Port *int64 `tfsdk:"port" json:"port,omitempty"`
+ Protocol *string `tfsdk:"protocol" json:"protocol,omitempty"`
} `tfsdk:"health_check" json:"healthCheck,omitempty"`
OwnerID *string `tfsdk:"owner_id" json:"ownerID,omitempty"`
ProviderRef *struct {
@@ -239,15 +244,29 @@ func (r *KuadrantIoDnsrecordV1Alpha1Manifest) Schema(_ context.Context, _ dataso
Description: "HealthCheckSpec configures health checks in the DNS provider. By default this health check will be applied to each unique DNS A Record for the listeners assigned to the target gateway",
MarkdownDescription: "HealthCheckSpec configures health checks in the DNS provider. By default this health check will be applied to each unique DNS A Record for the listeners assigned to the target gateway",
Attributes: map[string]schema.Attribute{
- "endpoint": schema.StringAttribute{
- Description: "Endpoint is the path to append to the host to reach the expected health check. Must start with '?' or '/', contain only valid URL characters and end with alphanumeric char or '/'. For example '/' or '/healthz' are common",
- MarkdownDescription: "Endpoint is the path to append to the host to reach the expected health check. Must start with '?' or '/', contain only valid URL characters and end with alphanumeric char or '/'. For example '/' or '/healthz' are common",
+ "additional_headers_ref": schema.SingleNestedAttribute{
+ Description: "AdditionalHeadersRef refers to a secret that contains extra headers to send in the probe request, this is primarily useful if an authentication token is required by the endpoint.",
+ MarkdownDescription: "AdditionalHeadersRef refers to a secret that contains extra headers to send in the probe request, this is primarily useful if an authentication token is required by the endpoint.",
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "allow_insecure_certificate": schema.BoolAttribute{
+ Description: "AllowInsecureCertificate will instruct the health check probe to not fail on a self-signed or otherwise invalid SSL certificate this is primarily used in development or testing environments",
+ MarkdownDescription: "AllowInsecureCertificate will instruct the health check probe to not fail on a self-signed or otherwise invalid SSL certificate this is primarily used in development or testing environments",
Required: false,
Optional: true,
Computed: false,
- Validators: []validator.String{
- stringvalidator.RegexMatches(regexp.MustCompile(`^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$`), ""),
- },
},
"failure_threshold": schema.Int64Attribute{
@@ -258,6 +277,25 @@ func (r *KuadrantIoDnsrecordV1Alpha1Manifest) Schema(_ context.Context, _ dataso
Computed: false,
},
+ "interval": schema.StringAttribute{
+ Description: "Interval defines how frequently this probe should execute",
+ MarkdownDescription: "Interval defines how frequently this probe should execute",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "Path is the path to append to the host to reach the expected health check. Must start with '?' or '/', contain only valid URL characters and end with alphanumeric char or '/'. For example '/' or '/healthz' are common",
+ MarkdownDescription: "Path is the path to append to the host to reach the expected health check. Must start with '?' or '/', contain only valid URL characters and end with alphanumeric char or '/'. For example '/' or '/healthz' are common",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.RegexMatches(regexp.MustCompile(`^(?:\?|\/)[\w\-.~:\/?#\[\]@!$&'()*+,;=]+(?:[a-zA-Z0-9]|\/){1}$`), ""),
+ },
+ },
+
"port": schema.Int64Attribute{
Description: "Port to connect to the host on. Must be either 80, 443 or 1024-49151",
MarkdownDescription: "Port to connect to the host on. Must be either 80, 443 or 1024-49151",
diff --git a/internal/provider/limitador_kuadrant_io_v1alpha1/limitador_kuadrant_io_limitador_v1alpha1_manifest.go b/internal/provider/limitador_kuadrant_io_v1alpha1/limitador_kuadrant_io_limitador_v1alpha1_manifest.go
index b0c4f5fbd..d2ecb9b84 100644
--- a/internal/provider/limitador_kuadrant_io_v1alpha1/limitador_kuadrant_io_limitador_v1alpha1_manifest.go
+++ b/internal/provider/limitador_kuadrant_io_v1alpha1/limitador_kuadrant_io_limitador_v1alpha1_manifest.go
@@ -167,7 +167,10 @@ type LimitadorKuadrantIoLimitadorV1Alpha1ManifestData struct {
} `tfsdk:"required_during_scheduling_ignored_during_execution" json:"requiredDuringSchedulingIgnoredDuringExecution,omitempty"`
} `tfsdk:"pod_anti_affinity" json:"podAntiAffinity,omitempty"`
} `tfsdk:"affinity" json:"affinity,omitempty"`
- Image *string `tfsdk:"image" json:"image,omitempty"`
+ Image *string `tfsdk:"image" json:"image,omitempty"`
+ ImagePullSecrets *[]struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ } `tfsdk:"image_pull_secrets" json:"imagePullSecrets,omitempty"`
Limits *[]struct {
Conditions *[]string `tfsdk:"conditions" json:"conditions,omitempty"`
Max_value *int64 `tfsdk:"max_value" json:"max_value,omitempty"`
@@ -1125,6 +1128,25 @@ func (r *LimitadorKuadrantIoLimitadorV1Alpha1Manifest) Schema(_ context.Context,
Computed: false,
},
+ "image_pull_secrets": schema.ListNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"limits": schema.ListNestedAttribute{
Description: "",
MarkdownDescription: "",
diff --git a/internal/provider/logging_banzaicloud_io_v1alpha1/logging_banzaicloud_io_cluster_output_v1alpha1_manifest.go b/internal/provider/logging_banzaicloud_io_v1alpha1/logging_banzaicloud_io_cluster_output_v1alpha1_manifest.go
index ddd24fd2a..8c3ab58d3 100644
--- a/internal/provider/logging_banzaicloud_io_v1alpha1/logging_banzaicloud_io_cluster_output_v1alpha1_manifest.go
+++ b/internal/provider/logging_banzaicloud_io_v1alpha1/logging_banzaicloud_io_cluster_output_v1alpha1_manifest.go
@@ -1538,11 +1538,12 @@ type LoggingBanzaicloudIoClusterOutputV1Alpha1ManifestData struct {
} `tfsdk:"secret_key_ref" json:"secretKeyRef,omitempty"`
} `tfsdk:"value_from" json:"valueFrom,omitempty"`
} `tfsdk:"keytab" json:"keytab,omitempty"`
- Max_send_retries *int64 `tfsdk:"max_send_retries" json:"max_send_retries,omitempty"`
- Message_key_key *string `tfsdk:"message_key_key" json:"message_key_key,omitempty"`
- Partition_key *string `tfsdk:"partition_key" json:"partition_key,omitempty"`
- Partition_key_key *string `tfsdk:"partition_key_key" json:"partition_key_key,omitempty"`
- Password *struct {
+ Max_send_limit_bytes *int64 `tfsdk:"max_send_limit_bytes" json:"max_send_limit_bytes,omitempty"`
+ Max_send_retries *int64 `tfsdk:"max_send_retries" json:"max_send_retries,omitempty"`
+ Message_key_key *string `tfsdk:"message_key_key" json:"message_key_key,omitempty"`
+ Partition_key *string `tfsdk:"partition_key" json:"partition_key,omitempty"`
+ Partition_key_key *string `tfsdk:"partition_key_key" json:"partition_key_key,omitempty"`
+ Password *struct {
MountFrom *struct {
SecretKeyRef *struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -13867,6 +13868,14 @@ func (r *LoggingBanzaicloudIoClusterOutputV1Alpha1Manifest) Schema(_ context.Con
Computed: false,
},
+ "max_send_limit_bytes": schema.Int64Attribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"max_send_retries": schema.Int64Attribute{
Description: "",
MarkdownDescription: "",
diff --git a/internal/provider/logging_banzaicloud_io_v1alpha1/logging_banzaicloud_io_output_v1alpha1_manifest.go b/internal/provider/logging_banzaicloud_io_v1alpha1/logging_banzaicloud_io_output_v1alpha1_manifest.go
index 4ae90607a..dca225196 100644
--- a/internal/provider/logging_banzaicloud_io_v1alpha1/logging_banzaicloud_io_output_v1alpha1_manifest.go
+++ b/internal/provider/logging_banzaicloud_io_v1alpha1/logging_banzaicloud_io_output_v1alpha1_manifest.go
@@ -1537,11 +1537,12 @@ type LoggingBanzaicloudIoOutputV1Alpha1ManifestData struct {
} `tfsdk:"secret_key_ref" json:"secretKeyRef,omitempty"`
} `tfsdk:"value_from" json:"valueFrom,omitempty"`
} `tfsdk:"keytab" json:"keytab,omitempty"`
- Max_send_retries *int64 `tfsdk:"max_send_retries" json:"max_send_retries,omitempty"`
- Message_key_key *string `tfsdk:"message_key_key" json:"message_key_key,omitempty"`
- Partition_key *string `tfsdk:"partition_key" json:"partition_key,omitempty"`
- Partition_key_key *string `tfsdk:"partition_key_key" json:"partition_key_key,omitempty"`
- Password *struct {
+ Max_send_limit_bytes *int64 `tfsdk:"max_send_limit_bytes" json:"max_send_limit_bytes,omitempty"`
+ Max_send_retries *int64 `tfsdk:"max_send_retries" json:"max_send_retries,omitempty"`
+ Message_key_key *string `tfsdk:"message_key_key" json:"message_key_key,omitempty"`
+ Partition_key *string `tfsdk:"partition_key" json:"partition_key,omitempty"`
+ Partition_key_key *string `tfsdk:"partition_key_key" json:"partition_key_key,omitempty"`
+ Password *struct {
MountFrom *struct {
SecretKeyRef *struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -13529,6 +13530,14 @@ func (r *LoggingBanzaicloudIoOutputV1Alpha1Manifest) Schema(_ context.Context, _
Computed: false,
},
+ "max_send_limit_bytes": schema.Int64Attribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"max_send_retries": schema.Int64Attribute{
Description: "",
MarkdownDescription: "",
diff --git a/internal/provider/logging_banzaicloud_io_v1beta1/logging_banzaicloud_io_cluster_output_v1beta1_manifest.go b/internal/provider/logging_banzaicloud_io_v1beta1/logging_banzaicloud_io_cluster_output_v1beta1_manifest.go
index 9ab1d24ec..2c7bac56b 100644
--- a/internal/provider/logging_banzaicloud_io_v1beta1/logging_banzaicloud_io_cluster_output_v1beta1_manifest.go
+++ b/internal/provider/logging_banzaicloud_io_v1beta1/logging_banzaicloud_io_cluster_output_v1beta1_manifest.go
@@ -1538,11 +1538,12 @@ type LoggingBanzaicloudIoClusterOutputV1Beta1ManifestData struct {
} `tfsdk:"secret_key_ref" json:"secretKeyRef,omitempty"`
} `tfsdk:"value_from" json:"valueFrom,omitempty"`
} `tfsdk:"keytab" json:"keytab,omitempty"`
- Max_send_retries *int64 `tfsdk:"max_send_retries" json:"max_send_retries,omitempty"`
- Message_key_key *string `tfsdk:"message_key_key" json:"message_key_key,omitempty"`
- Partition_key *string `tfsdk:"partition_key" json:"partition_key,omitempty"`
- Partition_key_key *string `tfsdk:"partition_key_key" json:"partition_key_key,omitempty"`
- Password *struct {
+ Max_send_limit_bytes *int64 `tfsdk:"max_send_limit_bytes" json:"max_send_limit_bytes,omitempty"`
+ Max_send_retries *int64 `tfsdk:"max_send_retries" json:"max_send_retries,omitempty"`
+ Message_key_key *string `tfsdk:"message_key_key" json:"message_key_key,omitempty"`
+ Partition_key *string `tfsdk:"partition_key" json:"partition_key,omitempty"`
+ Partition_key_key *string `tfsdk:"partition_key_key" json:"partition_key_key,omitempty"`
+ Password *struct {
MountFrom *struct {
SecretKeyRef *struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -13867,6 +13868,14 @@ func (r *LoggingBanzaicloudIoClusterOutputV1Beta1Manifest) Schema(_ context.Cont
Computed: false,
},
+ "max_send_limit_bytes": schema.Int64Attribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"max_send_retries": schema.Int64Attribute{
Description: "",
MarkdownDescription: "",
diff --git a/internal/provider/logging_banzaicloud_io_v1beta1/logging_banzaicloud_io_output_v1beta1_manifest.go b/internal/provider/logging_banzaicloud_io_v1beta1/logging_banzaicloud_io_output_v1beta1_manifest.go
index 8cf58aaf8..8b04e968b 100644
--- a/internal/provider/logging_banzaicloud_io_v1beta1/logging_banzaicloud_io_output_v1beta1_manifest.go
+++ b/internal/provider/logging_banzaicloud_io_v1beta1/logging_banzaicloud_io_output_v1beta1_manifest.go
@@ -1537,11 +1537,12 @@ type LoggingBanzaicloudIoOutputV1Beta1ManifestData struct {
} `tfsdk:"secret_key_ref" json:"secretKeyRef,omitempty"`
} `tfsdk:"value_from" json:"valueFrom,omitempty"`
} `tfsdk:"keytab" json:"keytab,omitempty"`
- Max_send_retries *int64 `tfsdk:"max_send_retries" json:"max_send_retries,omitempty"`
- Message_key_key *string `tfsdk:"message_key_key" json:"message_key_key,omitempty"`
- Partition_key *string `tfsdk:"partition_key" json:"partition_key,omitempty"`
- Partition_key_key *string `tfsdk:"partition_key_key" json:"partition_key_key,omitempty"`
- Password *struct {
+ Max_send_limit_bytes *int64 `tfsdk:"max_send_limit_bytes" json:"max_send_limit_bytes,omitempty"`
+ Max_send_retries *int64 `tfsdk:"max_send_retries" json:"max_send_retries,omitempty"`
+ Message_key_key *string `tfsdk:"message_key_key" json:"message_key_key,omitempty"`
+ Partition_key *string `tfsdk:"partition_key" json:"partition_key,omitempty"`
+ Partition_key_key *string `tfsdk:"partition_key_key" json:"partition_key_key,omitempty"`
+ Password *struct {
MountFrom *struct {
SecretKeyRef *struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -13856,6 +13857,14 @@ func (r *LoggingBanzaicloudIoOutputV1Beta1Manifest) Schema(_ context.Context, _
Computed: false,
},
+ "max_send_limit_bytes": schema.Int64Attribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"max_send_retries": schema.Int64Attribute{
Description: "",
MarkdownDescription: "",
diff --git a/internal/provider/monitoring_coreos_com_v1/monitoring_coreos_com_prometheus_rule_v1_manifest.go b/internal/provider/monitoring_coreos_com_v1/monitoring_coreos_com_prometheus_rule_v1_manifest.go
index d60ede9e8..5b2ca09e3 100644
--- a/internal/provider/monitoring_coreos_com_v1/monitoring_coreos_com_prometheus_rule_v1_manifest.go
+++ b/internal/provider/monitoring_coreos_com_v1/monitoring_coreos_com_prometheus_rule_v1_manifest.go
@@ -49,6 +49,7 @@ type MonitoringCoreosComPrometheusRuleV1ManifestData struct {
Limit *int64 `tfsdk:"limit" json:"limit,omitempty"`
Name *string `tfsdk:"name" json:"name,omitempty"`
Partial_response_strategy *string `tfsdk:"partial_response_strategy" json:"partial_response_strategy,omitempty"`
+ Query_offset *string `tfsdk:"query_offset" json:"query_offset,omitempty"`
Rules *[]struct {
Alert *string `tfsdk:"alert" json:"alert,omitempty"`
Annotations *map[string]string `tfsdk:"annotations" json:"annotations,omitempty"`
@@ -185,6 +186,17 @@ func (r *MonitoringCoreosComPrometheusRuleV1Manifest) Schema(_ context.Context,
},
},
+ "query_offset": schema.StringAttribute{
+ Description: "Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0. It is not supported for ThanosRuler.",
+ MarkdownDescription: "Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0. It is not supported for ThanosRuler.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.RegexMatches(regexp.MustCompile(`^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$`), ""),
+ },
+ },
+
"rules": schema.ListNestedAttribute{
Description: "List of alerting and recording rules.",
MarkdownDescription: "List of alerting and recording rules.",
diff --git a/internal/provider/monitoring_coreos_com_v1/monitoring_coreos_com_prometheus_v1_manifest.go b/internal/provider/monitoring_coreos_com_v1/monitoring_coreos_com_prometheus_v1_manifest.go
index 677cc7603..c70eae9b0 100644
--- a/internal/provider/monitoring_coreos_com_v1/monitoring_coreos_com_prometheus_v1_manifest.go
+++ b/internal/provider/monitoring_coreos_com_v1/monitoring_coreos_com_prometheus_v1_manifest.go
@@ -1326,7 +1326,8 @@ type MonitoringCoreosComPrometheusV1ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"rule_namespace_selector" json:"ruleNamespaceSelector,omitempty"`
- RuleSelector *struct {
+ RuleQueryOffset *string `tfsdk:"rule_query_offset" json:"ruleQueryOffset,omitempty"`
+ RuleSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
Operator *string `tfsdk:"operator" json:"operator,omitempty"`
@@ -10954,6 +10955,17 @@ func (r *MonitoringCoreosComPrometheusV1Manifest) Schema(_ context.Context, _ da
Computed: false,
},
+ "rule_query_offset": schema.StringAttribute{
+ Description: "Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0.",
+ MarkdownDescription: "Defines the offset the rule evaluation timestamp of this particular group by the specified duration into the past. It requires Prometheus >= v2.53.0.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.RegexMatches(regexp.MustCompile(`^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$`), ""),
+ },
+ },
+
"rule_selector": schema.SingleNestedAttribute{
Description: "PrometheusRule objects to be selected for rule evaluation. An empty label selector matches all objects. A null label selector matches no objects.",
MarkdownDescription: "PrometheusRule objects to be selected for rule evaluation. An empty label selector matches all objects. A null label selector matches no objects.",
diff --git a/internal/provider/postgres_operator_crunchydata_com_v1beta1/postgres_operator_crunchydata_com_postgres_cluster_v1beta1_manifest.go b/internal/provider/postgres_operator_crunchydata_com_v1beta1/postgres_operator_crunchydata_com_postgres_cluster_v1beta1_manifest.go
index 467314017..c681d6a81 100644
--- a/internal/provider/postgres_operator_crunchydata_com_v1beta1/postgres_operator_crunchydata_com_postgres_cluster_v1beta1_manifest.go
+++ b/internal/provider/postgres_operator_crunchydata_com_v1beta1/postgres_operator_crunchydata_com_postgres_cluster_v1beta1_manifest.go
@@ -6888,6 +6888,9 @@ func (r *PostgresOperatorCrunchydataComPostgresClusterV1Beta1Manifest) Schema(_
Required: true,
Optional: false,
Computed: false,
+ Validators: []validator.String{
+ stringvalidator.LengthAtLeast(1),
+ },
},
},
Required: false,
diff --git a/internal/provider/postgresql_cnpg_io_v1/postgresql_cnpg_io_cluster_v1_manifest.go b/internal/provider/postgresql_cnpg_io_v1/postgresql_cnpg_io_cluster_v1_manifest.go
index 51c3d2aa9..4d2bf2159 100644
--- a/internal/provider/postgresql_cnpg_io_v1/postgresql_cnpg_io_cluster_v1_manifest.go
+++ b/internal/provider/postgresql_cnpg_io_v1/postgresql_cnpg_io_cluster_v1_manifest.go
@@ -815,7 +815,8 @@ type PostgresqlCnpgIoClusterV1ManifestData struct {
} `tfsdk:"replication_slots" json:"replicationSlots,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -1120,8 +1121,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -1129,8 +1130,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -1287,8 +1288,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -1296,8 +1297,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -1454,8 +1455,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -1463,8 +1464,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -1621,8 +1622,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -1630,8 +1631,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -3826,8 +3827,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"volume_attributes_class_name": schema.StringAttribute{
- Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
- MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
Required: false,
Optional: true,
Computed: false,
@@ -5819,8 +5820,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"sources": schema.ListNestedAttribute{
- Description: "sources is the list of volume projections",
- MarkdownDescription: "sources is the list of volume projections",
+ Description: "sources is the list of volume projections. Each entry in this list handles one source.",
+ MarkdownDescription: "sources is the list of volume projections. Each entry in this list handles one source.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"cluster_trust_bundle": schema.SingleNestedAttribute{
@@ -6326,6 +6327,14 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -6638,8 +6647,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"volume_attributes_class_name": schema.StringAttribute{
- Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
- MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
Required: false,
Optional: true,
Computed: false,
@@ -6931,8 +6940,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"volume_attributes_class_name": schema.StringAttribute{
- Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
- MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
Required: false,
Optional: true,
Computed: false,
@@ -7305,8 +7314,8 @@ func (r *PostgresqlCnpgIoClusterV1Manifest) Schema(_ context.Context, _ datasour
},
"volume_attributes_class_name": schema.StringAttribute{
- Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
- MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/postgresql_cnpg_io_v1/postgresql_cnpg_io_pooler_v1_manifest.go b/internal/provider/postgresql_cnpg_io_v1/postgresql_cnpg_io_pooler_v1_manifest.go
index 258cf91a7..25561b7b7 100644
--- a/internal/provider/postgresql_cnpg_io_v1/postgresql_cnpg_io_pooler_v1_manifest.go
+++ b/internal/provider/postgresql_cnpg_io_v1/postgresql_cnpg_io_pooler_v1_manifest.go
@@ -424,7 +424,8 @@ type PostgresqlCnpgIoPoolerV1ManifestData struct {
} `tfsdk:"resize_policy" json:"resizePolicy,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -681,7 +682,8 @@ type PostgresqlCnpgIoPoolerV1ManifestData struct {
} `tfsdk:"resize_policy" json:"resizePolicy,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -941,7 +943,8 @@ type PostgresqlCnpgIoPoolerV1ManifestData struct {
} `tfsdk:"resize_policy" json:"resizePolicy,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -1042,11 +1045,9 @@ type PostgresqlCnpgIoPoolerV1ManifestData struct {
ConditionType *string `tfsdk:"condition_type" json:"conditionType,omitempty"`
} `tfsdk:"readiness_gates" json:"readinessGates,omitempty"`
ResourceClaims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- Source *struct {
- ResourceClaimName *string `tfsdk:"resource_claim_name" json:"resourceClaimName,omitempty"`
- ResourceClaimTemplateName *string `tfsdk:"resource_claim_template_name" json:"resourceClaimTemplateName,omitempty"`
- } `tfsdk:"source" json:"source,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ResourceClaimName *string `tfsdk:"resource_claim_name" json:"resourceClaimName,omitempty"`
+ ResourceClaimTemplateName *string `tfsdk:"resource_claim_template_name" json:"resourceClaimTemplateName,omitempty"`
} `tfsdk:"resource_claims" json:"resourceClaims,omitempty"`
RestartPolicy *string `tfsdk:"restart_policy" json:"restartPolicy,omitempty"`
RuntimeClassName *string `tfsdk:"runtime_class_name" json:"runtimeClassName,omitempty"`
@@ -1074,8 +1075,9 @@ type PostgresqlCnpgIoPoolerV1ManifestData struct {
LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
- SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
- Sysctls *[]struct {
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ SupplementalGroupsPolicy *string `tfsdk:"supplemental_groups_policy" json:"supplementalGroupsPolicy,omitempty"`
+ Sysctls *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"sysctls" json:"sysctls,omitempty"`
@@ -1268,6 +1270,10 @@ type PostgresqlCnpgIoPoolerV1ManifestData struct {
Path *string `tfsdk:"path" json:"path,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
} `tfsdk:"host_path" json:"hostPath,omitempty"`
+ Image *struct {
+ PullPolicy *string `tfsdk:"pull_policy" json:"pullPolicy,omitempty"`
+ Reference *string `tfsdk:"reference" json:"reference,omitempty"`
+ } `tfsdk:"image" json:"image,omitempty"`
Iscsi *struct {
ChapAuthDiscovery *bool `tfsdk:"chap_auth_discovery" json:"chapAuthDiscovery,omitempty"`
ChapAuthSession *bool `tfsdk:"chap_auth_session" json:"chapAuthSession,omitempty"`
@@ -2410,8 +2416,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2419,8 +2425,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2577,8 +2583,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2586,8 +2592,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2744,8 +2750,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2753,8 +2759,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2911,8 +2917,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2920,8 +2926,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is a beta field and requires enabling MatchLabelKeysInPodAffinity feature gate (enabled by default).",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -4062,6 +4068,14 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -4173,8 +4187,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"proc_mount": schema.StringAttribute{
- Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
- MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
Required: false,
Optional: true,
Computed: false,
@@ -5774,6 +5788,14 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -5885,8 +5907,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"proc_mount": schema.StringAttribute{
- Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
- MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
Required: false,
Optional: true,
Computed: false,
@@ -7511,6 +7533,14 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -7622,8 +7652,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"proc_mount": schema.StringAttribute{
- Description: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
- MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default is DefaultProcMount which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ Description: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "procMount denotes the type of proc mount to use for the containers. The default value is Default which uses the container runtime defaults for readonly paths and masked paths. This requires the ProcMountType feature flag to be enabled. Note that this field cannot be set when spec.os.name is windows.",
Required: false,
Optional: true,
Computed: false,
@@ -8115,8 +8145,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"node_name": schema.StringAttribute{
- Description: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.",
- MarkdownDescription: "NodeName is a request to schedule this pod onto a specific node. If it is non-empty, the scheduler simply schedules this pod onto that node, assuming that it fits resource requirements.",
+ Description: "NodeName indicates in which node this pod is scheduled. If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. This field should not be used to express a desire for the pod to be scheduled on a specific node. https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename",
+ MarkdownDescription: "NodeName indicates in which node this pod is scheduled. If empty, this pod is a candidate for scheduling by the scheduler defined in schedulerName. Once this field is set, the kubelet for this node becomes responsible for the lifecycle of this pod. This field should not be used to express a desire for the pod to be scheduled on a specific node. https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node/#nodename",
Required: false,
Optional: true,
Computed: false,
@@ -8132,8 +8162,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"os": schema.SingleNestedAttribute{
- Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
- MarkdownDescription: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
+ Description: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
+ MarkdownDescription: "Specifies the OS of the containers in the pod. Some pod and container fields are restricted if this is set. If the OS field is set to linux, the following fields must be unset: -securityContext.windowsOptions If the OS field is set to windows, following fields must be unset: - spec.hostPID - spec.hostIPC - spec.hostUsers - spec.securityContext.appArmorProfile - spec.securityContext.seLinuxOptions - spec.securityContext.seccompProfile - spec.securityContext.fsGroup - spec.securityContext.fsGroupChangePolicy - spec.securityContext.sysctls - spec.shareProcessNamespace - spec.securityContext.runAsUser - spec.securityContext.runAsGroup - spec.securityContext.supplementalGroups - spec.securityContext.supplementalGroupsPolicy - spec.containers[*].securityContext.appArmorProfile - spec.containers[*].securityContext.seLinuxOptions - spec.containers[*].securityContext.seccompProfile - spec.containers[*].securityContext.capabilities - spec.containers[*].securityContext.readOnlyRootFilesystem - spec.containers[*].securityContext.privileged - spec.containers[*].securityContext.allowPrivilegeEscalation - spec.containers[*].securityContext.procMount - spec.containers[*].securityContext.runAsUser - spec.containers[*].securityContext.runAsGroup",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
Description: "Name is the name of the operating system. The currently supported values are linux and windows. Additional value may be defined in future and can be one of: https://github.com/opencontainers/runtime-spec/blob/master/config.md#platform-specific-configuration Clients should expect to handle additional values and treat unrecognized values in this field as os: null",
@@ -8213,29 +8243,20 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
Computed: false,
},
- "source": schema.SingleNestedAttribute{
- Description: "Source describes where to find the ResourceClaim.",
- MarkdownDescription: "Source describes where to find the ResourceClaim.",
- Attributes: map[string]schema.Attribute{
- "resource_claim_name": schema.StringAttribute{
- Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.",
- MarkdownDescription: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod.",
- Required: false,
- Optional: true,
- Computed: false,
- },
+ "resource_claim_name": schema.StringAttribute{
+ Description: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod. Exactly one of ResourceClaimName and ResourceClaimTemplateName must be set.",
+ MarkdownDescription: "ResourceClaimName is the name of a ResourceClaim object in the same namespace as this pod. Exactly one of ResourceClaimName and ResourceClaimTemplateName must be set.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
- "resource_claim_template_name": schema.StringAttribute{
- Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
- MarkdownDescription: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
- Required: false,
- Optional: true,
- Computed: false,
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
+ "resource_claim_template_name": schema.StringAttribute{
+ Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim. Exactly one of ResourceClaimName and ResourceClaimTemplateName must be set.",
+ MarkdownDescription: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim. Exactly one of ResourceClaimName and ResourceClaimTemplateName must be set.",
+ Required: false,
+ Optional: true,
+ Computed: false,
},
},
},
@@ -8423,14 +8444,22 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"supplemental_groups": schema.ListAttribute{
- Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
- MarkdownDescription: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A list of groups applied to the first process run in each container, in addition to the container's primary GID and fsGroup (if specified). If the SupplementalGroupsPolicy feature is enabled, the supplementalGroupsPolicy field determines whether these are in addition to or instead of any group memberships defined in the container image. If unspecified, no additional groups are added, though group memberships defined in the container image may still be used, depending on the supplementalGroupsPolicy field. Note that this field cannot be set when spec.os.name is windows.",
ElementType: types.StringType,
Required: false,
Optional: true,
Computed: false,
},
+ "supplemental_groups_policy": schema.StringAttribute{
+ Description: "Defines how supplemental groups of the first container processes are calculated. Valid values are 'Merge' and 'Strict'. If not specified, 'Merge' is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "Defines how supplemental groups of the first container processes are calculated. Valid values are 'Merge' and 'Strict'. If not specified, 'Merge' is used. (Alpha) Using the field requires the SupplementalGroupsPolicy feature gate to be enabled and the container runtime must implement support for this feature. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sysctls": schema.ListNestedAttribute{
Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
@@ -9426,8 +9455,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"volume_attributes_class_name": schema.StringAttribute{
- Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
- MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Beta) Using this field requires the VolumeAttributesClass feature gate to be enabled (off by default).",
Required: false,
Optional: true,
Computed: false,
@@ -9731,6 +9760,31 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
Computed: false,
},
+ "image": schema.SingleNestedAttribute{
+ Description: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided: - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.",
+ MarkdownDescription: "image represents an OCI object (a container image or artifact) pulled and mounted on the kubelet's host machine. The volume is resolved at pod startup depending on which PullPolicy value is provided: - Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. - Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. - IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. The volume gets re-resolved if the pod gets deleted and recreated, which means that new remote content will become available on pod recreation. A failure to resolve or pull the image during pod startup will block containers from starting and may add significant latency. Failures will be retried using normal volume backoff and will be reported on the pod reason and message. The types of objects that may be mounted by this volume are defined by the container runtime implementation on a host machine and at minimum must include all valid types supported by the container image field. The OCI object gets mounted in a single directory (spec.containers[*].volumeMounts.mountPath) by merging the manifest layers in the same way as for container images. The volume will be mounted read-only (ro) and non-executable files (noexec). Sub path mounts for containers are not supported (spec.containers[*].volumeMounts.subpath). The field spec.securityContext.fsGroupChangePolicy has no effect on this volume type.",
+ Attributes: map[string]schema.Attribute{
+ "pull_policy": schema.StringAttribute{
+ Description: "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.",
+ MarkdownDescription: "Policy for pulling OCI objects. Possible values are: Always: the kubelet always attempts to pull the reference. Container creation will fail If the pull fails. Never: the kubelet never pulls the reference and only uses a local image or artifact. Container creation will fail if the reference isn't present. IfNotPresent: the kubelet pulls if the reference isn't already present on disk. Container creation will fail if the reference isn't present and the pull fails. Defaults to Always if :latest tag is specified, or IfNotPresent otherwise.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "reference": schema.StringAttribute{
+ Description: "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.",
+ MarkdownDescription: "Required: Image or artifact reference to be used. Behaves in the same way as pod.spec.containers[*].image. Pull secrets will be assembled in the same way as for the container image by looking up node credentials, SA image pull secrets, and pod spec image pull secrets. More info: https://kubernetes.io/docs/concepts/containers/images This field is optional to allow higher level config management to default or override container images in workload controllers like Deployments and StatefulSets.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"iscsi": schema.SingleNestedAttribute{
Description: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md",
MarkdownDescription: "iscsi represents an ISCSI Disk resource that is attached to a kubelet's host machine and then exposed to the pod. More info: https://examples.k8s.io/volumes/iscsi/README.md",
@@ -9975,8 +10029,8 @@ func (r *PostgresqlCnpgIoPoolerV1Manifest) Schema(_ context.Context, _ datasourc
},
"sources": schema.ListNestedAttribute{
- Description: "sources is the list of volume projections",
- MarkdownDescription: "sources is the list of volume projections",
+ Description: "sources is the list of volume projections. Each entry in this list handles one source.",
+ MarkdownDescription: "sources is the list of volume projections. Each entry in this list handles one source.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"cluster_trust_bundle": schema.SingleNestedAttribute{
diff --git a/internal/provider/psmdb_percona_com_v1/psmdb_percona_com_percona_server_mongo_db_v1_manifest.go b/internal/provider/psmdb_percona_com_v1/psmdb_percona_com_percona_server_mongo_db_v1_manifest.go
index 00d67f973..5581374b3 100644
--- a/internal/provider/psmdb_percona_com_v1/psmdb_percona_com_percona_server_mongo_db_v1_manifest.go
+++ b/internal/provider/psmdb_percona_com_v1/psmdb_percona_com_percona_server_mongo_db_v1_manifest.go
@@ -1262,9 +1262,7 @@ type PsmdbPerconaComPerconaServerMongoDbV1ManifestData struct {
ExternalTrafficPolicy *string `tfsdk:"external_traffic_policy" json:"externalTrafficPolicy,omitempty"`
InternalTrafficPolicy *string `tfsdk:"internal_traffic_policy" json:"internalTrafficPolicy,omitempty"`
Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
- LoadBalancerIP *string `tfsdk:"load_balancer_ip" json:"loadBalancerIP,omitempty"`
LoadBalancerSourceRanges *[]string `tfsdk:"load_balancer_source_ranges" json:"loadBalancerSourceRanges,omitempty"`
- NodePort *int64 `tfsdk:"node_port" json:"nodePort,omitempty"`
ServiceAnnotations *map[string]string `tfsdk:"service_annotations" json:"serviceAnnotations,omitempty"`
ServiceLabels *map[string]string `tfsdk:"service_labels" json:"serviceLabels,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
@@ -3086,6 +3084,7 @@ type PsmdbPerconaComPerconaServerMongoDbV1ManifestData struct {
SchedulerName *string `tfsdk:"scheduler_name" json:"schedulerName,omitempty"`
Secrets *struct {
EncryptionKey *string `tfsdk:"encryption_key" json:"encryptionKey,omitempty"`
+ KeyFile *string `tfsdk:"key_file" json:"keyFile,omitempty"`
LdapSecret *string `tfsdk:"ldap_secret" json:"ldapSecret,omitempty"`
Sse *string `tfsdk:"sse" json:"sse,omitempty"`
Ssl *string `tfsdk:"ssl" json:"ssl,omitempty"`
@@ -4066,9 +4065,7 @@ type PsmdbPerconaComPerconaServerMongoDbV1ManifestData struct {
ExternalTrafficPolicy *string `tfsdk:"external_traffic_policy" json:"externalTrafficPolicy,omitempty"`
InternalTrafficPolicy *string `tfsdk:"internal_traffic_policy" json:"internalTrafficPolicy,omitempty"`
Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
- LoadBalancerIP *string `tfsdk:"load_balancer_ip" json:"loadBalancerIP,omitempty"`
LoadBalancerSourceRanges *[]string `tfsdk:"load_balancer_source_ranges" json:"loadBalancerSourceRanges,omitempty"`
- NodePort *int64 `tfsdk:"node_port" json:"nodePort,omitempty"`
ServiceAnnotations *map[string]string `tfsdk:"service_annotations" json:"serviceAnnotations,omitempty"`
ServiceLabels *map[string]string `tfsdk:"service_labels" json:"serviceLabels,omitempty"`
Type *string `tfsdk:"type" json:"type,omitempty"`
@@ -6044,7 +6041,6 @@ type PsmdbPerconaComPerconaServerMongoDbV1ManifestData struct {
ExternalTrafficPolicy *string `tfsdk:"external_traffic_policy" json:"externalTrafficPolicy,omitempty"`
InternalTrafficPolicy *string `tfsdk:"internal_traffic_policy" json:"internalTrafficPolicy,omitempty"`
Labels *map[string]string `tfsdk:"labels" json:"labels,omitempty"`
- LoadBalancerIP *string `tfsdk:"load_balancer_ip" json:"loadBalancerIP,omitempty"`
LoadBalancerSourceRanges *[]string `tfsdk:"load_balancer_source_ranges" json:"loadBalancerSourceRanges,omitempty"`
NodePort *int64 `tfsdk:"node_port" json:"nodePort,omitempty"`
ServiceAnnotations *map[string]string `tfsdk:"service_annotations" json:"serviceAnnotations,omitempty"`
@@ -15173,14 +15169,6 @@ func (r *PsmdbPerconaComPerconaServerMongoDbV1Manifest) Schema(_ context.Context
Computed: false,
},
- "load_balancer_ip": schema.StringAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"load_balancer_source_ranges": schema.ListAttribute{
Description: "",
MarkdownDescription: "",
@@ -15190,14 +15178,6 @@ func (r *PsmdbPerconaComPerconaServerMongoDbV1Manifest) Schema(_ context.Context
Computed: false,
},
- "node_port": schema.Int64Attribute{
- Description: "",
- MarkdownDescription: "",
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"service_annotations": schema.MapAttribute{
Description: "",
MarkdownDescription: "",
@@ -27446,6 +27426,14 @@ func (r *PsmdbPerconaComPerconaServerMongoDbV1Manifest) Schema(_ context.Context
Computed: false,
},
+ "key_file": schema.StringAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"ldap_secret": schema.StringAttribute{
Description: "",
MarkdownDescription: "",
@@ -34038,14 +34026,6 @@ func (r *PsmdbPerconaComPerconaServerMongoDbV1Manifest) Schema(_ context.Context
Computed: false,
},
- "load_balancer_ip": schema.StringAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"load_balancer_source_ranges": schema.ListAttribute{
Description: "",
MarkdownDescription: "",
@@ -34055,14 +34035,6 @@ func (r *PsmdbPerconaComPerconaServerMongoDbV1Manifest) Schema(_ context.Context
Computed: false,
},
- "node_port": schema.Int64Attribute{
- Description: "",
- MarkdownDescription: "",
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"service_annotations": schema.MapAttribute{
Description: "",
MarkdownDescription: "",
@@ -47348,14 +47320,6 @@ func (r *PsmdbPerconaComPerconaServerMongoDbV1Manifest) Schema(_ context.Context
Computed: false,
},
- "load_balancer_ip": schema.StringAttribute{
- Description: "",
- MarkdownDescription: "",
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"load_balancer_source_ranges": schema.ListAttribute{
Description: "",
MarkdownDescription: "",
diff --git a/internal/provider/pxc_percona_com_v1/pxc_percona_com_percona_xtra_db_cluster_v1_manifest.go b/internal/provider/pxc_percona_com_v1/pxc_percona_com_percona_xtra_db_cluster_v1_manifest.go
index 747971d2c..853317ae7 100644
--- a/internal/provider/pxc_percona_com_v1/pxc_percona_com_percona_xtra_db_cluster_v1_manifest.go
+++ b/internal/provider/pxc_percona_com_v1/pxc_percona_com_percona_xtra_db_cluster_v1_manifest.go
@@ -400,6 +400,7 @@ type PxcPerconaComPerconaXtraDbclusterV1ManifestData struct {
} `tfsdk:"backup" json:"backup,omitempty"`
CrVersion *string `tfsdk:"cr_version" json:"crVersion,omitempty"`
EnableCRValidationWebhook *bool `tfsdk:"enable_cr_validation_webhook" json:"enableCRValidationWebhook,omitempty"`
+ EnableVolumeExpansion *bool `tfsdk:"enable_volume_expansion" json:"enableVolumeExpansion,omitempty"`
Haproxy *struct {
Affinity *struct {
Advanced *struct {
@@ -6242,6 +6243,14 @@ func (r *PxcPerconaComPerconaXtraDbclusterV1Manifest) Schema(_ context.Context,
Computed: false,
},
+ "enable_volume_expansion": schema.BoolAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"haproxy": schema.SingleNestedAttribute{
Description: "",
MarkdownDescription: "",
diff --git a/internal/provider/rds_services_k8s_aws_v1alpha1/rds_services_k8s_aws_db_cluster_v1alpha1_manifest.go b/internal/provider/rds_services_k8s_aws_v1alpha1/rds_services_k8s_aws_db_cluster_v1alpha1_manifest.go
index d6949ab18..335d93570 100644
--- a/internal/provider/rds_services_k8s_aws_v1alpha1/rds_services_k8s_aws_db_cluster_v1alpha1_manifest.go
+++ b/internal/provider/rds_services_k8s_aws_v1alpha1/rds_services_k8s_aws_db_cluster_v1alpha1_manifest.go
@@ -115,6 +115,8 @@ type RdsServicesK8SAwsDbclusterV1Alpha1ManifestData struct {
PreferredMaintenanceWindow *string `tfsdk:"preferred_maintenance_window" json:"preferredMaintenanceWindow,omitempty"`
PubliclyAccessible *bool `tfsdk:"publicly_accessible" json:"publiclyAccessible,omitempty"`
ReplicationSourceIdentifier *string `tfsdk:"replication_source_identifier" json:"replicationSourceIdentifier,omitempty"`
+ RestoreToTime *string `tfsdk:"restore_to_time" json:"restoreToTime,omitempty"`
+ RestoreType *string `tfsdk:"restore_type" json:"restoreType,omitempty"`
ScalingConfiguration *struct {
AutoPause *bool `tfsdk:"auto_pause" json:"autoPause,omitempty"`
MaxCapacity *int64 `tfsdk:"max_capacity" json:"maxCapacity,omitempty"`
@@ -127,16 +129,18 @@ type RdsServicesK8SAwsDbclusterV1Alpha1ManifestData struct {
MaxCapacity *float64 `tfsdk:"max_capacity" json:"maxCapacity,omitempty"`
MinCapacity *float64 `tfsdk:"min_capacity" json:"minCapacity,omitempty"`
} `tfsdk:"serverless_v2_scaling_configuration" json:"serverlessV2ScalingConfiguration,omitempty"`
- SnapshotIdentifier *string `tfsdk:"snapshot_identifier" json:"snapshotIdentifier,omitempty"`
- SourceRegion *string `tfsdk:"source_region" json:"sourceRegion,omitempty"`
- StorageEncrypted *bool `tfsdk:"storage_encrypted" json:"storageEncrypted,omitempty"`
- StorageType *string `tfsdk:"storage_type" json:"storageType,omitempty"`
- Tags *[]struct {
+ SnapshotIdentifier *string `tfsdk:"snapshot_identifier" json:"snapshotIdentifier,omitempty"`
+ SourceDBClusterIdentifier *string `tfsdk:"source_db_cluster_identifier" json:"sourceDBClusterIdentifier,omitempty"`
+ SourceRegion *string `tfsdk:"source_region" json:"sourceRegion,omitempty"`
+ StorageEncrypted *bool `tfsdk:"storage_encrypted" json:"storageEncrypted,omitempty"`
+ StorageType *string `tfsdk:"storage_type" json:"storageType,omitempty"`
+ Tags *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
Value *string `tfsdk:"value" json:"value,omitempty"`
} `tfsdk:"tags" json:"tags,omitempty"`
- VpcSecurityGroupIDs *[]string `tfsdk:"vpc_security_group_i_ds" json:"vpcSecurityGroupIDs,omitempty"`
- VpcSecurityGroupRefs *[]struct {
+ UseLatestRestorableTime *bool `tfsdk:"use_latest_restorable_time" json:"useLatestRestorableTime,omitempty"`
+ VpcSecurityGroupIDs *[]string `tfsdk:"vpc_security_group_i_ds" json:"vpcSecurityGroupIDs,omitempty"`
+ VpcSecurityGroupRefs *[]struct {
From *struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
@@ -737,6 +741,25 @@ func (r *RdsServicesK8SAwsDbclusterV1Alpha1Manifest) Schema(_ context.Context, _
Computed: false,
},
+ "restore_to_time": schema.StringAttribute{
+ Description: "The date and time to restore the DB cluster to. Valid Values: Value must be a time in Universal Coordinated Time (UTC) format Constraints: * Must be before the latest restorable time for the DB instance * Must be specified if UseLatestRestorableTime parameter isn't provided * Can't be specified if the UseLatestRestorableTime parameter is enabled * Can't be specified if the RestoreType parameter is copy-on-write Example: 2015-03-07T23:45:00Z Valid for: Aurora DB clusters and Multi-AZ DB clusters",
+ MarkdownDescription: "The date and time to restore the DB cluster to. Valid Values: Value must be a time in Universal Coordinated Time (UTC) format Constraints: * Must be before the latest restorable time for the DB instance * Must be specified if UseLatestRestorableTime parameter isn't provided * Can't be specified if the UseLatestRestorableTime parameter is enabled * Can't be specified if the RestoreType parameter is copy-on-write Example: 2015-03-07T23:45:00Z Valid for: Aurora DB clusters and Multi-AZ DB clusters",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ validators.DateTime64Validator(),
+ },
+ },
+
+ "restore_type": schema.StringAttribute{
+ Description: "The type of restore to be performed. You can specify one of the following values: * full-copy - The new DB cluster is restored as a full copy of the source DB cluster. * copy-on-write - The new DB cluster is restored as a clone of the source DB cluster. Constraints: You can't specify copy-on-write if the engine version of the source DB cluster is earlier than 1.11. If you don't specify a RestoreType value, then the new DB cluster is restored as a full copy of the source DB cluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters",
+ MarkdownDescription: "The type of restore to be performed. You can specify one of the following values: * full-copy - The new DB cluster is restored as a full copy of the source DB cluster. * copy-on-write - The new DB cluster is restored as a clone of the source DB cluster. Constraints: You can't specify copy-on-write if the engine version of the source DB cluster is earlier than 1.11. If you don't specify a RestoreType value, then the new DB cluster is restored as a full copy of the source DB cluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"scaling_configuration": schema.SingleNestedAttribute{
Description: "For DB clusters in serverless DB engine mode, the scaling properties of the DB cluster. Valid for: Aurora DB clusters only",
MarkdownDescription: "For DB clusters in serverless DB engine mode, the scaling properties of the DB cluster. Valid for: Aurora DB clusters only",
@@ -827,6 +850,14 @@ func (r *RdsServicesK8SAwsDbclusterV1Alpha1Manifest) Schema(_ context.Context, _
Computed: false,
},
+ "source_db_cluster_identifier": schema.StringAttribute{
+ Description: "The identifier of the source DB cluster from which to restore. Constraints: * Must match the identifier of an existing DBCluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters",
+ MarkdownDescription: "The identifier of the source DB cluster from which to restore. Constraints: * Must match the identifier of an existing DBCluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"source_region": schema.StringAttribute{
Description: "SourceRegion is the source region where the resource exists. This is not sent over the wire and is only used for presigning. This value should always have the same region as the source ARN.",
MarkdownDescription: "SourceRegion is the source region where the resource exists. This is not sent over the wire and is only used for presigning. This value should always have the same region as the source ARN.",
@@ -878,6 +909,14 @@ func (r *RdsServicesK8SAwsDbclusterV1Alpha1Manifest) Schema(_ context.Context, _
Computed: false,
},
+ "use_latest_restorable_time": schema.BoolAttribute{
+ Description: "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster isn't restored to the latest restorable backup time. Constraints: Can't be specified if RestoreToTime parameter is provided. Valid for: Aurora DB clusters and Multi-AZ DB clusters",
+ MarkdownDescription: "A value that indicates whether to restore the DB cluster to the latest restorable backup time. By default, the DB cluster isn't restored to the latest restorable backup time. Constraints: Can't be specified if RestoreToTime parameter is provided. Valid for: Aurora DB clusters and Multi-AZ DB clusters",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"vpc_security_group_i_ds": schema.ListAttribute{
Description: "A list of EC2 VPC security groups to associate with this DB cluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters",
MarkdownDescription: "A list of EC2 VPC security groups to associate with this DB cluster. Valid for: Aurora DB clusters and Multi-AZ DB clusters",
diff --git a/internal/provider/repo_manager_pulpproject_org_v1beta2/repo_manager_pulpproject_org_pulp_backup_v1beta2_manifest.go b/internal/provider/repo_manager_pulpproject_org_v1beta2/repo_manager_pulpproject_org_pulp_backup_v1beta2_manifest.go
index d176005fc..289de2117 100644
--- a/internal/provider/repo_manager_pulpproject_org_v1beta2/repo_manager_pulpproject_org_pulp_backup_v1beta2_manifest.go
+++ b/internal/provider/repo_manager_pulpproject_org_v1beta2/repo_manager_pulpproject_org_pulp_backup_v1beta2_manifest.go
@@ -544,8 +544,8 @@ func (r *RepoManagerPulpprojectOrgPulpBackupV1Beta2Manifest) Schema(_ context.Co
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -553,8 +553,8 @@ func (r *RepoManagerPulpprojectOrgPulpBackupV1Beta2Manifest) Schema(_ context.Co
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -711,8 +711,8 @@ func (r *RepoManagerPulpprojectOrgPulpBackupV1Beta2Manifest) Schema(_ context.Co
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -720,8 +720,8 @@ func (r *RepoManagerPulpprojectOrgPulpBackupV1Beta2Manifest) Schema(_ context.Co
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -878,8 +878,8 @@ func (r *RepoManagerPulpprojectOrgPulpBackupV1Beta2Manifest) Schema(_ context.Co
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -887,8 +887,8 @@ func (r *RepoManagerPulpprojectOrgPulpBackupV1Beta2Manifest) Schema(_ context.Co
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -1045,8 +1045,8 @@ func (r *RepoManagerPulpprojectOrgPulpBackupV1Beta2Manifest) Schema(_ context.Co
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -1054,8 +1054,8 @@ func (r *RepoManagerPulpprojectOrgPulpBackupV1Beta2Manifest) Schema(_ context.Co
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
diff --git a/internal/provider/repo_manager_pulpproject_org_v1beta2/repo_manager_pulpproject_org_pulp_v1beta2_manifest.go b/internal/provider/repo_manager_pulpproject_org_v1beta2/repo_manager_pulpproject_org_pulp_v1beta2_manifest.go
index 1e539d6d4..a5180f459 100644
--- a/internal/provider/repo_manager_pulpproject_org_v1beta2/repo_manager_pulpproject_org_pulp_v1beta2_manifest.go
+++ b/internal/provider/repo_manager_pulpproject_org_v1beta2/repo_manager_pulpproject_org_pulp_v1beta2_manifest.go
@@ -1161,6 +1161,7 @@ type RepoManagerPulpprojectOrgPulpV1Beta2ManifestData struct {
Ingress_tls_secret *string `tfsdk:"ingress_tls_secret" json:"ingress_tls_secret,omitempty"`
Ingress_type *string `tfsdk:"ingress_type" json:"ingress_type,omitempty"`
Inhibit_version_constraint *bool `tfsdk:"inhibit_version_constraint" json:"inhibit_version_constraint,omitempty"`
+ Ipv6_disabled *bool `tfsdk:"ipv6_disabled" json:"ipv6_disabled,omitempty"`
Is_nginx_ingress *bool `tfsdk:"is_nginx_ingress" json:"is_nginx_ingress,omitempty"`
Ldap *struct {
Ca *string `tfsdk:"ca" json:"ca,omitempty"`
@@ -1826,8 +1827,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -1917,8 +1918,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -2306,8 +2307,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2315,8 +2316,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2473,8 +2474,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2482,8 +2483,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2640,8 +2641,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2649,8 +2650,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2807,8 +2808,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2816,8 +2817,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -2958,8 +2959,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3049,8 +3050,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3138,8 +3139,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3229,8 +3230,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -4028,8 +4029,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"min_domains": schema.Int64Attribute{
- Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
- MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
+ Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
+ MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
Required: false,
Optional: true,
Computed: false,
@@ -4355,8 +4356,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -4364,8 +4365,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -4522,8 +4523,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -4531,8 +4532,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -4689,8 +4690,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -4698,8 +4699,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -4856,8 +4857,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -4865,8 +4866,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -5857,8 +5858,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -5866,8 +5867,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -6024,8 +6025,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -6033,8 +6034,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -6191,8 +6192,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -6200,8 +6201,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -6358,8 +6359,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -6367,8 +6368,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -6509,8 +6510,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6600,8 +6601,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6689,8 +6690,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6780,8 +6781,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -7579,8 +7580,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"min_domains": schema.Int64Attribute{
- Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
- MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
+ Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
+ MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
Required: false,
Optional: true,
Computed: false,
@@ -7914,8 +7915,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -7923,8 +7924,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -8081,8 +8082,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -8090,8 +8091,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -8248,8 +8249,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -8257,8 +8258,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -8415,8 +8416,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -8424,8 +8425,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -9303,6 +9304,14 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
Computed: false,
},
+ "ipv6_disabled": schema.BoolAttribute{
+ Description: "Disable ipv6 for pulpcore and pulp-web pods",
+ MarkdownDescription: "Disable ipv6 for pulpcore and pulp-web pods",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"is_nginx_ingress": schema.BoolAttribute{
Description: "Define if the IngressClass provided has Nginx as Ingress Controller. If the Ingress Controller is not nginx the operator will automatically provision 'pulp-web' pods to redirect the traffic. If it is a nginx controller the traffic will be forwarded to api and content pods. This variable is a workaround to avoid having to grant a ClusterRole (to do a get into the IngressClass and verify the controller). Default: false",
MarkdownDescription: "Define if the IngressClass provided has Nginx as Ingress Controller. If the Ingress Controller is not nginx the operator will automatically provision 'pulp-web' pods to redirect the traffic. If it is a nginx controller the traffic will be forwarded to api and content pods. This variable is a workaround to avoid having to grant a ClusterRole (to do a get into the IngressClass and verify the controller). Default: false",
@@ -9401,8 +9410,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -9492,8 +9501,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -9782,8 +9791,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -9873,8 +9882,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -10146,8 +10155,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -10237,8 +10246,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -11151,8 +11160,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -11160,8 +11169,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -11318,8 +11327,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -11327,8 +11336,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -11485,8 +11494,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -11494,8 +11503,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -11652,8 +11661,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"match_label_keys": schema.ListAttribute{
- Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MatchLabelKeys and LabelSelector. Also, MatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -11661,8 +11670,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"mismatch_label_keys": schema.ListAttribute{
- Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
- MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'LabelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both MismatchLabelKeys and LabelSelector. Also, MismatchLabelKeys cannot be set when LabelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -11803,8 +11812,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -11894,8 +11903,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -11967,8 +11976,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -12058,8 +12067,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -12857,8 +12866,8 @@ func (r *RepoManagerPulpprojectOrgPulpV1Beta2Manifest) Schema(_ context.Context,
},
"min_domains": schema.Int64Attribute{
- Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
- MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
+ Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
+ MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/resources_teleport_dev_v2/resources_teleport_dev_teleport_saml_connector_v2_manifest.go b/internal/provider/resources_teleport_dev_v2/resources_teleport_dev_teleport_saml_connector_v2_manifest.go
index 9cc08a990..d7f1b000c 100644
--- a/internal/provider/resources_teleport_dev_v2/resources_teleport_dev_teleport_saml_connector_v2_manifest.go
+++ b/internal/provider/resources_teleport_dev_v2/resources_teleport_dev_teleport_saml_connector_v2_manifest.go
@@ -60,10 +60,15 @@ type ResourcesTeleportDevTeleportSamlconnectorV2ManifestData struct {
Allowed_https_hostnames *[]string `tfsdk:"allowed_https_hostnames" json:"allowed_https_hostnames,omitempty"`
Insecure_allowed_cidr_ranges *[]string `tfsdk:"insecure_allowed_cidr_ranges" json:"insecure_allowed_cidr_ranges,omitempty"`
} `tfsdk:"client_redirect_settings" json:"client_redirect_settings,omitempty"`
- Display *string `tfsdk:"display" json:"display,omitempty"`
- Entity_descriptor *string `tfsdk:"entity_descriptor" json:"entity_descriptor,omitempty"`
- Entity_descriptor_url *string `tfsdk:"entity_descriptor_url" json:"entity_descriptor_url,omitempty"`
- Issuer *string `tfsdk:"issuer" json:"issuer,omitempty"`
+ Display *string `tfsdk:"display" json:"display,omitempty"`
+ Entity_descriptor *string `tfsdk:"entity_descriptor" json:"entity_descriptor,omitempty"`
+ Entity_descriptor_url *string `tfsdk:"entity_descriptor_url" json:"entity_descriptor_url,omitempty"`
+ Issuer *string `tfsdk:"issuer" json:"issuer,omitempty"`
+ Mfa *struct {
+ Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
+ Entity_descriptor *string `tfsdk:"entity_descriptor" json:"entity_descriptor,omitempty"`
+ Entity_descriptor_url *string `tfsdk:"entity_descriptor_url" json:"entity_descriptor_url,omitempty"`
+ } `tfsdk:"mfa" json:"mfa,omitempty"`
Provider *string `tfsdk:"provider" json:"provider,omitempty"`
Service_provider_issuer *string `tfsdk:"service_provider_issuer" json:"service_provider_issuer,omitempty"`
Signing_key_pair *struct {
@@ -304,6 +309,39 @@ func (r *ResourcesTeleportDevTeleportSamlconnectorV2Manifest) Schema(_ context.C
Computed: false,
},
+ "mfa": schema.SingleNestedAttribute{
+ Description: "MFASettings contains settings to enable SSO MFA checks through this auth connector.",
+ MarkdownDescription: "MFASettings contains settings to enable SSO MFA checks through this auth connector.",
+ Attributes: map[string]schema.Attribute{
+ "enabled": schema.BoolAttribute{
+ Description: "Enabled specified whether this SAML connector supports MFA checks. Defaults to false.",
+ MarkdownDescription: "Enabled specified whether this SAML connector supports MFA checks. Defaults to false.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "entity_descriptor": schema.StringAttribute{
+ Description: "EntityDescriptor is XML with descriptor. It can be used to supply configuration parameters in one XML file rather than supplying them in the individual elements.",
+ MarkdownDescription: "EntityDescriptor is XML with descriptor. It can be used to supply configuration parameters in one XML file rather than supplying them in the individual elements.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "entity_descriptor_url": schema.StringAttribute{
+ Description: "EntityDescriptorUrl is a URL that supplies a configuration XML.",
+ MarkdownDescription: "EntityDescriptorUrl is a URL that supplies a configuration XML.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"provider": schema.StringAttribute{
Description: "Provider is the external identity provider.",
MarkdownDescription: "Provider is the external identity provider.",
diff --git a/internal/provider/resources_teleport_dev_v3/resources_teleport_dev_teleport_oidc_connector_v3_manifest.go b/internal/provider/resources_teleport_dev_v3/resources_teleport_dev_teleport_oidc_connector_v3_manifest.go
index 1d3f10c3c..e3649bfae 100644
--- a/internal/provider/resources_teleport_dev_v3/resources_teleport_dev_teleport_oidc_connector_v3_manifest.go
+++ b/internal/provider/resources_teleport_dev_v3/resources_teleport_dev_teleport_oidc_connector_v3_manifest.go
@@ -55,18 +55,25 @@ type ResourcesTeleportDevTeleportOidcconnectorV3ManifestData struct {
Allowed_https_hostnames *[]string `tfsdk:"allowed_https_hostnames" json:"allowed_https_hostnames,omitempty"`
Insecure_allowed_cidr_ranges *[]string `tfsdk:"insecure_allowed_cidr_ranges" json:"insecure_allowed_cidr_ranges,omitempty"`
} `tfsdk:"client_redirect_settings" json:"client_redirect_settings,omitempty"`
- Client_secret *string `tfsdk:"client_secret" json:"client_secret,omitempty"`
- Display *string `tfsdk:"display" json:"display,omitempty"`
- Google_admin_email *string `tfsdk:"google_admin_email" json:"google_admin_email,omitempty"`
- Google_service_account *string `tfsdk:"google_service_account" json:"google_service_account,omitempty"`
- Google_service_account_uri *string `tfsdk:"google_service_account_uri" json:"google_service_account_uri,omitempty"`
- Issuer_url *string `tfsdk:"issuer_url" json:"issuer_url,omitempty"`
- Max_age *string `tfsdk:"max_age" json:"max_age,omitempty"`
- Prompt *string `tfsdk:"prompt" json:"prompt,omitempty"`
- Provider *string `tfsdk:"provider" json:"provider,omitempty"`
- Redirect_url *[]string `tfsdk:"redirect_url" json:"redirect_url,omitempty"`
- Scope *[]string `tfsdk:"scope" json:"scope,omitempty"`
- Username_claim *string `tfsdk:"username_claim" json:"username_claim,omitempty"`
+ Client_secret *string `tfsdk:"client_secret" json:"client_secret,omitempty"`
+ Display *string `tfsdk:"display" json:"display,omitempty"`
+ Google_admin_email *string `tfsdk:"google_admin_email" json:"google_admin_email,omitempty"`
+ Google_service_account *string `tfsdk:"google_service_account" json:"google_service_account,omitempty"`
+ Google_service_account_uri *string `tfsdk:"google_service_account_uri" json:"google_service_account_uri,omitempty"`
+ Issuer_url *string `tfsdk:"issuer_url" json:"issuer_url,omitempty"`
+ Max_age *string `tfsdk:"max_age" json:"max_age,omitempty"`
+ Mfa *struct {
+ Acr_values *string `tfsdk:"acr_values" json:"acr_values,omitempty"`
+ Client_id *string `tfsdk:"client_id" json:"client_id,omitempty"`
+ Client_secret *string `tfsdk:"client_secret" json:"client_secret,omitempty"`
+ Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
+ Prompt *string `tfsdk:"prompt" json:"prompt,omitempty"`
+ } `tfsdk:"mfa" json:"mfa,omitempty"`
+ Prompt *string `tfsdk:"prompt" json:"prompt,omitempty"`
+ Provider *string `tfsdk:"provider" json:"provider,omitempty"`
+ Redirect_url *[]string `tfsdk:"redirect_url" json:"redirect_url,omitempty"`
+ Scope *[]string `tfsdk:"scope" json:"scope,omitempty"`
+ Username_claim *string `tfsdk:"username_claim" json:"username_claim,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
}
@@ -290,6 +297,55 @@ func (r *ResourcesTeleportDevTeleportOidcconnectorV3Manifest) Schema(_ context.C
Computed: false,
},
+ "mfa": schema.SingleNestedAttribute{
+ Description: "MFASettings contains settings to enable SSO MFA checks through this auth connector.",
+ MarkdownDescription: "MFASettings contains settings to enable SSO MFA checks through this auth connector.",
+ Attributes: map[string]schema.Attribute{
+ "acr_values": schema.StringAttribute{
+ Description: "AcrValues are Authentication Context Class Reference values. The meaning of the ACR value is context-specific and varies for identity providers. Some identity providers support MFA specific contexts, such Okta with its 'phr' (phishing-resistant) ACR.",
+ MarkdownDescription: "AcrValues are Authentication Context Class Reference values. The meaning of the ACR value is context-specific and varies for identity providers. Some identity providers support MFA specific contexts, such Okta with its 'phr' (phishing-resistant) ACR.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "client_id": schema.StringAttribute{
+ Description: "ClientID is the OIDC OAuth app client ID.",
+ MarkdownDescription: "ClientID is the OIDC OAuth app client ID.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "client_secret": schema.StringAttribute{
+ Description: "ClientSecret is the OIDC OAuth app client secret.",
+ MarkdownDescription: "ClientSecret is the OIDC OAuth app client secret.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "enabled": schema.BoolAttribute{
+ Description: "Enabled specified whether this OIDC connector supports MFA checks. Defaults to false.",
+ MarkdownDescription: "Enabled specified whether this OIDC connector supports MFA checks. Defaults to false.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "prompt": schema.StringAttribute{
+ Description: "Prompt is an optional OIDC prompt. An empty string omits prompt. If not specified, it defaults to select_account for backwards compatibility.",
+ MarkdownDescription: "Prompt is an optional OIDC prompt. An empty string omits prompt. If not specified, it defaults to select_account for backwards compatibility.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"prompt": schema.StringAttribute{
Description: "Prompt is an optional OIDC prompt. An empty string omits prompt. If not specified, it defaults to select_account for backwards compatibility.",
MarkdownDescription: "Prompt is an optional OIDC prompt. An empty string omits prompt. If not specified, it defaults to select_account for backwards compatibility.",
diff --git a/internal/provider/scylla_scylladb_com_v1/scylla_scylladb_com_scylla_cluster_v1_manifest.go b/internal/provider/scylla_scylladb_com_v1/scylla_scylladb_com_scylla_cluster_v1_manifest.go
index 31262bb41..437b0eaf0 100644
--- a/internal/provider/scylla_scylladb_com_v1/scylla_scylladb_com_scylla_cluster_v1_manifest.go
+++ b/internal/provider/scylla_scylladb_com_v1/scylla_scylladb_com_scylla_cluster_v1_manifest.go
@@ -4561,8 +4561,8 @@ func (r *ScyllaScylladbComScyllaClusterV1Manifest) Schema(_ context.Context, _ d
},
"host_networking": schema.BoolAttribute{
- Description: "hostNetworking determines if scylla uses the host's network namespace. Setting this option avoids going through Kubernetes SDN and exposes scylla on node's IP.",
- MarkdownDescription: "hostNetworking determines if scylla uses the host's network namespace. Setting this option avoids going through Kubernetes SDN and exposes scylla on node's IP.",
+ Description: "hostNetworking determines if scylla uses the host's network namespace. Setting this option avoids going through Kubernetes SDN and exposes scylla on node's IP. Deprecated: 'hostNetworking' is deprecated and may be ignored in the future.",
+ MarkdownDescription: "hostNetworking determines if scylla uses the host's network namespace. Setting this option avoids going through Kubernetes SDN and exposes scylla on node's IP. Deprecated: 'hostNetworking' is deprecated and may be ignored in the future.",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_auth_v1beta1_manifest.go b/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_auth_v1beta1_manifest.go
index c6218985f..b55eda22f 100644
--- a/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_auth_v1beta1_manifest.go
+++ b/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_auth_v1beta1_manifest.go
@@ -574,8 +574,8 @@ func (r *SecretsHashicorpComVaultAuthV1Beta1Manifest) Schema(_ context.Context,
},
"vault_connection_ref": schema.StringAttribute{
- Description: "VaultConnectionRef to the VaultConnection resource, can be prefixed with a namespace, eg: 'namespaceA/vaultConnectionRefB'. If no namespace prefix is provided it will default to namespace of the VaultConnection CR. If no value is specified for VaultConnectionRef the Operator will default to the 'default' VaultConnection, configured in the operator's namespace.",
- MarkdownDescription: "VaultConnectionRef to the VaultConnection resource, can be prefixed with a namespace, eg: 'namespaceA/vaultConnectionRefB'. If no namespace prefix is provided it will default to namespace of the VaultConnection CR. If no value is specified for VaultConnectionRef the Operator will default to the 'default' VaultConnection, configured in the operator's namespace.",
+ Description: "VaultConnectionRef to the VaultConnection resource, can be prefixed with a namespace, eg: 'namespaceA/vaultConnectionRefB'. If no namespace prefix is provided it will default to the namespace of the VaultConnection CR. If no value is specified for VaultConnectionRef the Operator will default to the 'default' VaultConnection, configured in the operator's namespace.",
+ MarkdownDescription: "VaultConnectionRef to the VaultConnection resource, can be prefixed with a namespace, eg: 'namespaceA/vaultConnectionRefB'. If no namespace prefix is provided it will default to the namespace of the VaultConnection CR. If no value is specified for VaultConnectionRef the Operator will default to the 'default' VaultConnection, configured in the operator's namespace.",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_dynamic_secret_v1beta1_manifest.go b/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_dynamic_secret_v1beta1_manifest.go
index fff376900..95eeeef9a 100644
--- a/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_dynamic_secret_v1beta1_manifest.go
+++ b/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_dynamic_secret_v1beta1_manifest.go
@@ -372,8 +372,8 @@ func (r *SecretsHashicorpComVaultDynamicSecretV1Beta1Manifest) Schema(_ context.
},
"namespace": schema.StringAttribute{
- Description: "Namespace where the secrets engine is mounted in Vault.",
- MarkdownDescription: "Namespace where the secrets engine is mounted in Vault.",
+ Description: "Namespace of the secrets engine mount in Vault. If not set, the namespace that's part of VaultAuth resource will be inferred.",
+ MarkdownDescription: "Namespace of the secrets engine mount in Vault. If not set, the namespace that's part of VaultAuth resource will be inferred.",
Required: false,
Optional: true,
Computed: false,
@@ -469,8 +469,8 @@ func (r *SecretsHashicorpComVaultDynamicSecretV1Beta1Manifest) Schema(_ context.
},
"vault_auth_ref": schema.StringAttribute{
- Description: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
- MarkdownDescription: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
+ Description: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to the namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
+ MarkdownDescription: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to the namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_pki_secret_v1beta1_manifest.go b/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_pki_secret_v1beta1_manifest.go
index 0abfed0c3..102a68bd1 100644
--- a/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_pki_secret_v1beta1_manifest.go
+++ b/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_pki_secret_v1beta1_manifest.go
@@ -441,8 +441,8 @@ func (r *SecretsHashicorpComVaultPkisecretV1Beta1Manifest) Schema(_ context.Cont
},
"namespace": schema.StringAttribute{
- Description: "Namespace to get the secret from in Vault",
- MarkdownDescription: "Namespace to get the secret from in Vault",
+ Description: "Namespace of the secrets engine mount in Vault. If not set, the namespace that's part of VaultAuth resource will be inferred.",
+ MarkdownDescription: "Namespace of the secrets engine mount in Vault. If not set, the namespace that's part of VaultAuth resource will be inferred.",
Required: false,
Optional: true,
Computed: false,
@@ -549,8 +549,8 @@ func (r *SecretsHashicorpComVaultPkisecretV1Beta1Manifest) Schema(_ context.Cont
},
"vault_auth_ref": schema.StringAttribute{
- Description: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
- MarkdownDescription: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
+ Description: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to the namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
+ MarkdownDescription: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to the namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_static_secret_v1beta1_manifest.go b/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_static_secret_v1beta1_manifest.go
index 7ab2a8ca6..9613082a5 100644
--- a/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_static_secret_v1beta1_manifest.go
+++ b/internal/provider/secrets_hashicorp_com_v1beta1/secrets_hashicorp_com_vault_static_secret_v1beta1_manifest.go
@@ -373,8 +373,8 @@ func (r *SecretsHashicorpComVaultStaticSecretV1Beta1Manifest) Schema(_ context.C
},
"namespace": schema.StringAttribute{
- Description: "Namespace to get the secret from in Vault",
- MarkdownDescription: "Namespace to get the secret from in Vault",
+ Description: "Namespace of the secrets engine mount in Vault. If not set, the namespace that's part of VaultAuth resource will be inferred.",
+ MarkdownDescription: "Namespace of the secrets engine mount in Vault. If not set, the namespace that's part of VaultAuth resource will be inferred.",
Required: false,
Optional: true,
Computed: false,
@@ -458,8 +458,8 @@ func (r *SecretsHashicorpComVaultStaticSecretV1Beta1Manifest) Schema(_ context.C
},
"vault_auth_ref": schema.StringAttribute{
- Description: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
- MarkdownDescription: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
+ Description: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to the namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
+ MarkdownDescription: "VaultAuthRef to the VaultAuth resource, can be prefixed with a namespace, eg: 'namespaceA/vaultAuthRefB'. If no namespace prefix is provided it will default to the namespace of the VaultAuth CR. If no value is specified for VaultAuthRef the Operator will default to the 'default' VaultAuth, configured in the operator's namespace.",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/secrets_stackable_tech_v1alpha1/secrets_stackable_tech_secret_class_v1alpha1_manifest.go b/internal/provider/secrets_stackable_tech_v1alpha1/secrets_stackable_tech_secret_class_v1alpha1_manifest.go
index 821b25e66..54fd5882a 100644
--- a/internal/provider/secrets_stackable_tech_v1alpha1/secrets_stackable_tech_secret_class_v1alpha1_manifest.go
+++ b/internal/provider/secrets_stackable_tech_v1alpha1/secrets_stackable_tech_secret_class_v1alpha1_manifest.go
@@ -48,7 +48,12 @@ type SecretsStackableTechSecretClassV1Alpha1ManifestData struct {
Ca *struct {
AutoGenerate *bool `tfsdk:"auto_generate" json:"autoGenerate,omitempty"`
CaCertificateLifetime *string `tfsdk:"ca_certificate_lifetime" json:"caCertificateLifetime,omitempty"`
- Secret *struct {
+ KeyGeneration *struct {
+ Rsa *struct {
+ Length *int64 `tfsdk:"length" json:"length,omitempty"`
+ } `tfsdk:"rsa" json:"rsa,omitempty"`
+ } `tfsdk:"key_generation" json:"keyGeneration,omitempty"`
+ Secret *struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"secret" json:"secret,omitempty"`
@@ -173,8 +178,8 @@ func (r *SecretsStackableTechSecretClassV1Alpha1Manifest) Schema(_ context.Conte
MarkdownDescription: "Each SecretClass is associated with a single [backend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend), which dictates the mechanism for issuing that kind of Secret.",
Attributes: map[string]schema.Attribute{
"auto_tls": schema.SingleNestedAttribute{
- Description: "The ['autoTls' backend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-autotls) issues a TLS certificate signed by the Secret Operator. The certificate authority can be provided by the administrator, or managed automatically by the Secret Operator. A new certificate and keypair will be generated and signed for each Pod, keys or certificates are never reused.",
- MarkdownDescription: "The ['autoTls' backend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-autotls) issues a TLS certificate signed by the Secret Operator. The certificate authority can be provided by the administrator, or managed automatically by the Secret Operator. A new certificate and keypair will be generated and signed for each Pod, keys or certificates are never reused.",
+ Description: "The ['autoTls' backend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-autotls) issues a TLS certificate signed by the Secret Operator. The certificate authority can be provided by the administrator, or managed automatically by the Secret Operator. A new certificate and key pair will be generated and signed for each Pod, keys or certificates are never reused.",
+ MarkdownDescription: "The ['autoTls' backend](https://docs.stackable.tech/home/nightly/secret-operator/secretclass#backend-autotls) issues a TLS certificate signed by the Secret Operator. The certificate authority can be provided by the administrator, or managed automatically by the Secret Operator. A new certificate and key pair will be generated and signed for each Pod, keys or certificates are never reused.",
Attributes: map[string]schema.Attribute{
"ca": schema.SingleNestedAttribute{
Description: "Configures the certificate authority used to issue Pod certificates.",
@@ -196,6 +201,35 @@ func (r *SecretsStackableTechSecretClassV1Alpha1Manifest) Schema(_ context.Conte
Computed: false,
},
+ "key_generation": schema.SingleNestedAttribute{
+ Description: "The algorithm used to generate a key pair and required configuration settings. Currently only RSA and a key length of 2048, 3072 or 4096 bits can be configured.",
+ MarkdownDescription: "The algorithm used to generate a key pair and required configuration settings. Currently only RSA and a key length of 2048, 3072 or 4096 bits can be configured.",
+ Attributes: map[string]schema.Attribute{
+ "rsa": schema.SingleNestedAttribute{
+ Description: "",
+ MarkdownDescription: "",
+ Attributes: map[string]schema.Attribute{
+ "length": schema.Int64Attribute{
+ Description: "The amount of bits used for generating the RSA keypair. Currently, '2048', '3072' and '4096' are supported. Defaults to '2048' bits.",
+ MarkdownDescription: "The amount of bits used for generating the RSA keypair. Currently, '2048', '3072' and '4096' are supported. Defaults to '2048' bits.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ Validators: []validator.Int64{
+ int64validator.OneOf(2048, 3072, 4096),
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"secret": schema.SingleNestedAttribute{
Description: "Reference (name and namespace) to a Kubernetes Secret object where the CA certificate and key is stored in the keys 'ca.crt' and 'ca.key' respectively.",
MarkdownDescription: "Reference (name and namespace) to a Kubernetes Secret object where the CA certificate and key is stored in the keys 'ca.crt' and 'ca.key' respectively.",
diff --git a/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_build_v1alpha08_manifest.go b/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_build_v1alpha08_manifest.go
index 67324ffe0..7e5a74d1d 100644
--- a/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_build_v1alpha08_manifest.go
+++ b/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_build_v1alpha08_manifest.go
@@ -229,8 +229,8 @@ func (r *SonataflowOrgSonataFlowBuildV1Alpha08Manifest) Schema(_ context.Context
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -320,8 +320,8 @@ func (r *SonataflowOrgSonataFlowBuildV1Alpha08Manifest) Schema(_ context.Context
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -389,8 +389,8 @@ func (r *SonataflowOrgSonataFlowBuildV1Alpha08Manifest) Schema(_ context.Context
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -480,8 +480,8 @@ func (r *SonataflowOrgSonataFlowBuildV1Alpha08Manifest) Schema(_ context.Context
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_platform_v1alpha08_manifest.go b/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_platform_v1alpha08_manifest.go
index 3247b6bfb..79d0c9b3b 100644
--- a/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_platform_v1alpha08_manifest.go
+++ b/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_platform_v1alpha08_manifest.go
@@ -122,6 +122,20 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
DevMode *struct {
BaseImage *string `tfsdk:"base_image" json:"baseImage,omitempty"`
} `tfsdk:"dev_mode" json:"devMode,omitempty"`
+ Eventing *struct {
+ Broker *struct {
+ CACerts *string `tfsdk:"ca_certs" json:"CACerts,omitempty"`
+ Ref *struct {
+ Address *string `tfsdk:"address" json:"address,omitempty"`
+ ApiVersion *string `tfsdk:"api_version" json:"apiVersion,omitempty"`
+ Group *string `tfsdk:"group" json:"group,omitempty"`
+ Kind *string `tfsdk:"kind" json:"kind,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
+ } `tfsdk:"ref" json:"ref,omitempty"`
+ Uri *string `tfsdk:"uri" json:"uri,omitempty"`
+ } `tfsdk:"broker" json:"broker,omitempty"`
+ } `tfsdk:"eventing" json:"eventing,omitempty"`
Persistence *struct {
Postgresql *struct {
JdbcUrl *string `tfsdk:"jdbc_url" json:"jdbcUrl,omitempty"`
@@ -222,6 +236,8 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -244,6 +260,8 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -267,6 +285,8 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -289,6 +309,8 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -359,6 +381,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -378,6 +403,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -462,7 +490,11 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"resources" json:"resources,omitempty"`
SecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -528,12 +560,13 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"volume_devices" json:"volumeDevices,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
} `tfsdk:"container" json:"container,omitempty"`
Containers *[]struct {
@@ -592,6 +625,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -611,6 +647,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -694,9 +733,14 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
+ RestartPolicy *string `tfsdk:"restart_policy" json:"restartPolicy,omitempty"`
SecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -762,12 +806,13 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"volume_devices" json:"volumeDevices,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"containers" json:"containers,omitempty"`
@@ -849,6 +894,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -868,6 +916,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -951,9 +1002,14 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
+ RestartPolicy *string `tfsdk:"restart_policy" json:"restartPolicy,omitempty"`
SecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -1019,12 +1075,13 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"volume_devices" json:"volumeDevices,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
@@ -1055,6 +1112,10 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"scheduling_gates" json:"schedulingGates,omitempty"`
SecurityContext *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
@@ -1205,9 +1266,6 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -1219,9 +1277,10 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -1302,6 +1361,20 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1403,6 +1476,18 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"vsphere_volume" json:"vsphereVolume,omitempty"`
} `tfsdk:"volumes" json:"volumes,omitempty"`
} `tfsdk:"pod_template" json:"podTemplate,omitempty"`
+ Source *struct {
+ CACerts *string `tfsdk:"ca_certs" json:"CACerts,omitempty"`
+ Ref *struct {
+ Address *string `tfsdk:"address" json:"address,omitempty"`
+ ApiVersion *string `tfsdk:"api_version" json:"apiVersion,omitempty"`
+ Group *string `tfsdk:"group" json:"group,omitempty"`
+ Kind *string `tfsdk:"kind" json:"kind,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
+ } `tfsdk:"ref" json:"ref,omitempty"`
+ Uri *string `tfsdk:"uri" json:"uri,omitempty"`
+ } `tfsdk:"source" json:"source,omitempty"`
} `tfsdk:"data_index" json:"dataIndex,omitempty"`
JobService *struct {
Enabled *bool `tfsdk:"enabled" json:"enabled,omitempty"`
@@ -1469,6 +1554,8 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1491,6 +1578,8 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1514,6 +1603,8 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1536,6 +1627,8 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1606,6 +1699,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -1625,6 +1721,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -1709,7 +1808,11 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"resources" json:"resources,omitempty"`
SecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -1775,12 +1878,13 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"volume_devices" json:"volumeDevices,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
} `tfsdk:"container" json:"container,omitempty"`
Containers *[]struct {
@@ -1839,6 +1943,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -1858,6 +1965,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -1941,9 +2051,14 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
+ RestartPolicy *string `tfsdk:"restart_policy" json:"restartPolicy,omitempty"`
SecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -2009,12 +2124,13 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"volume_devices" json:"volumeDevices,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"containers" json:"containers,omitempty"`
@@ -2096,6 +2212,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -2115,6 +2234,9 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -2198,9 +2320,14 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
+ RestartPolicy *string `tfsdk:"restart_policy" json:"restartPolicy,omitempty"`
SecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -2266,12 +2393,13 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"volume_devices" json:"volumeDevices,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
@@ -2302,6 +2430,10 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"scheduling_gates" json:"schedulingGates,omitempty"`
SecurityContext *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
@@ -2452,9 +2584,6 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -2466,9 +2595,10 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -2549,6 +2679,20 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -2650,6 +2794,30 @@ type SonataflowOrgSonataFlowPlatformV1Alpha08ManifestData struct {
} `tfsdk:"vsphere_volume" json:"vsphereVolume,omitempty"`
} `tfsdk:"volumes" json:"volumes,omitempty"`
} `tfsdk:"pod_template" json:"podTemplate,omitempty"`
+ Sink *struct {
+ CACerts *string `tfsdk:"ca_certs" json:"CACerts,omitempty"`
+ Ref *struct {
+ Address *string `tfsdk:"address" json:"address,omitempty"`
+ ApiVersion *string `tfsdk:"api_version" json:"apiVersion,omitempty"`
+ Group *string `tfsdk:"group" json:"group,omitempty"`
+ Kind *string `tfsdk:"kind" json:"kind,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
+ } `tfsdk:"ref" json:"ref,omitempty"`
+ Uri *string `tfsdk:"uri" json:"uri,omitempty"`
+ } `tfsdk:"sink" json:"sink,omitempty"`
+ Source *struct {
+ CACerts *string `tfsdk:"ca_certs" json:"CACerts,omitempty"`
+ Ref *struct {
+ Address *string `tfsdk:"address" json:"address,omitempty"`
+ ApiVersion *string `tfsdk:"api_version" json:"apiVersion,omitempty"`
+ Group *string `tfsdk:"group" json:"group,omitempty"`
+ Kind *string `tfsdk:"kind" json:"kind,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
+ } `tfsdk:"ref" json:"ref,omitempty"`
+ Uri *string `tfsdk:"uri" json:"uri,omitempty"`
+ } `tfsdk:"source" json:"source,omitempty"`
} `tfsdk:"job_service" json:"jobService,omitempty"`
} `tfsdk:"services" json:"services,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
@@ -2878,8 +3046,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -2969,8 +3137,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3038,8 +3206,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3129,8 +3297,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3241,6 +3409,97 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "eventing": schema.SingleNestedAttribute{
+ Description: "Eventing describes the information required for Knative Eventing integration in the platform.",
+ MarkdownDescription: "Eventing describes the information required for Knative Eventing integration in the platform.",
+ Attributes: map[string]schema.Attribute{
+ "broker": schema.SingleNestedAttribute{
+ Description: "Broker to communicate with workflow deployment. It can be the default broker when the workflow, Dataindex, or Jobservice does not have a sink or source specified.",
+ MarkdownDescription: "Broker to communicate with workflow deployment. It can be the default broker when the workflow, Dataindex, or Jobservice does not have a sink or source specified.",
+ Attributes: map[string]schema.Attribute{
+ "ca_certs": schema.StringAttribute{
+ Description: "CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.",
+ MarkdownDescription: "CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "ref": schema.SingleNestedAttribute{
+ Description: "Ref points to an Addressable.",
+ MarkdownDescription: "Ref points to an Addressable.",
+ Attributes: map[string]schema.Attribute{
+ "address": schema.StringAttribute{
+ Description: "Address points to a specific Address Name.",
+ MarkdownDescription: "Address points to a specific Address Name.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "api_version": schema.StringAttribute{
+ Description: "API version of the referent.",
+ MarkdownDescription: "API version of the referent.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "group": schema.StringAttribute{
+ Description: "Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086",
+ MarkdownDescription: "Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "kind": schema.StringAttribute{
+ Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+ MarkdownDescription: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "namespace": schema.StringAttribute{
+ Description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.",
+ MarkdownDescription: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "uri": schema.StringAttribute{
+ Description: "URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.",
+ MarkdownDescription: "URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"persistence": schema.SingleNestedAttribute{
Description: "Persistence defines the platform persistence configuration. When this field is set, the configuration is used as the persistence for platform services and SonataFlow instances that don't provide one of their own.",
MarkdownDescription: "Persistence defines the platform persistence configuration. When this field is set, the configuration is used as the persistence for platform services and SonataFlow instances that don't provide one of their own.",
@@ -3383,8 +3642,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3416,8 +3675,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3815,8 +4074,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "Required. A pod affinity term, associated with the corresponding weight.",
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -3868,6 +4127,24 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -3964,8 +4241,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -4017,6 +4294,24 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -4113,8 +4408,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "Required. A pod affinity term, associated with the corresponding weight.",
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -4166,6 +4461,24 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -4262,8 +4575,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -4315,6 +4628,24 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -4470,8 +4801,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -4561,8 +4892,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -4602,8 +4933,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -4635,8 +4966,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -4771,6 +5102,23 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -4891,6 +5239,23 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -5448,6 +5813,31 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
@@ -5569,8 +5959,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -5610,8 +6000,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -5909,8 +6299,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -5932,6 +6322,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -6020,8 +6418,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6111,8 +6509,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6152,8 +6550,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6185,8 +6583,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6321,6 +6719,23 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -6441,6 +6856,23 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -6994,6 +7426,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "restart_policy": schema.StringAttribute{
+ Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ MarkdownDescription: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"security_context": schema.SingleNestedAttribute{
Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
MarkdownDescription: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
@@ -7006,6 +7446,31 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
@@ -7127,8 +7592,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -7168,8 +7633,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -7467,8 +7932,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -7490,6 +7955,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -7613,8 +8086,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
"ip": schema.StringAttribute{
Description: "IP address of the host file entry.",
MarkdownDescription: "IP address of the host file entry.",
- Required: false,
- Optional: true,
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -7670,8 +8143,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -7744,8 +8217,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -7835,8 +8308,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -7876,8 +8349,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -7909,8 +8382,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -8045,15 +8518,32 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
- "tcp_socket": schema.SingleNestedAttribute{
- Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
- MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
Attributes: map[string]schema.Attribute{
- "host": schema.StringAttribute{
- Description: "Optional: Host name to connect to, defaults to the pod IP.",
- MarkdownDescription: "Optional: Host name to connect to, defaults to the pod IP.",
- Required: false,
- Optional: true,
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "tcp_socket": schema.SingleNestedAttribute{
+ Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
+ MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
+ Attributes: map[string]schema.Attribute{
+ "host": schema.StringAttribute{
+ Description: "Optional: Host name to connect to, defaults to the pod IP.",
+ MarkdownDescription: "Optional: Host name to connect to, defaults to the pod IP.",
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -8165,6 +8655,23 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -8718,6 +9225,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "restart_policy": schema.StringAttribute{
+ Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ MarkdownDescription: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"security_context": schema.SingleNestedAttribute{
Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
MarkdownDescription: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
@@ -8730,6 +9245,31 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
@@ -8851,8 +9391,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -8892,8 +9432,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -9191,8 +9731,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -9214,6 +9754,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -9370,8 +9918,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"resource_claim_template_name": schema.StringAttribute{
- Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
- MarkdownDescription: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
+ Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
+ MarkdownDescription: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
Required: false,
Optional: true,
Computed: false,
@@ -9435,6 +9983,31 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Description: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.",
MarkdownDescription: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.",
Attributes: map[string]schema.Attribute{
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"fs_group": schema.Int64Attribute{
Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
@@ -9521,8 +10094,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -9598,8 +10171,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -9791,8 +10364,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"min_domains": schema.Int64Attribute{
- Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
- MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
+ Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
+ MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
Required: false,
Optional: true,
Computed: false,
@@ -10014,8 +10587,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -10064,8 +10637,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -10137,8 +10710,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -10182,8 +10755,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -10234,8 +10807,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -10451,25 +11024,6 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
MarkdownDescription: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- MarkdownDescription: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- MarkdownDescription: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
MarkdownDescription: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
@@ -10555,6 +11109,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "volume_attributes_class_name": schema.StringAttribute{
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"volume_mode": schema.StringAttribute{
Description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
MarkdownDescription: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
@@ -10679,8 +11241,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -10935,8 +11497,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef is the CHAP Secret for iSCSI target and initiator authentication",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -11101,6 +11663,101 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "sources is the list of volume projections",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
+ Description: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ MarkdownDescription: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ Attributes: map[string]schema.Attribute{
+ "label_selector": schema.SingleNestedAttribute{
+ Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ MarkdownDescription: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "key is the label key that the selector applies to.",
+ MarkdownDescription: "key is the label key that the selector applies to.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "operator": schema.StringAttribute{
+ Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ MarkdownDescription: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ MarkdownDescription: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ MarkdownDescription: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ MarkdownDescription: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ MarkdownDescription: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "Relative path from the volume root to write the bundle.",
+ MarkdownDescription: "Relative path from the volume root to write the bundle.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"config_map": schema.SingleNestedAttribute{
Description: "configMap information about the configMap data to project",
MarkdownDescription: "configMap information about the configMap data to project",
@@ -11141,8 +11798,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -11171,8 +11828,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -11295,8 +11952,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -11474,8 +12131,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -11540,8 +12197,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -11690,8 +12347,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -11774,6 +12431,88 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Optional: true,
Computed: false,
},
+
+ "source": schema.SingleNestedAttribute{
+ Description: "Defines the source where the Dataindex receives events from",
+ MarkdownDescription: "Defines the source where the Dataindex receives events from",
+ Attributes: map[string]schema.Attribute{
+ "ca_certs": schema.StringAttribute{
+ Description: "CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.",
+ MarkdownDescription: "CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "ref": schema.SingleNestedAttribute{
+ Description: "Ref points to an Addressable.",
+ MarkdownDescription: "Ref points to an Addressable.",
+ Attributes: map[string]schema.Attribute{
+ "address": schema.StringAttribute{
+ Description: "Address points to a specific Address Name.",
+ MarkdownDescription: "Address points to a specific Address Name.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "api_version": schema.StringAttribute{
+ Description: "API version of the referent.",
+ MarkdownDescription: "API version of the referent.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "group": schema.StringAttribute{
+ Description: "Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086",
+ MarkdownDescription: "Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "kind": schema.StringAttribute{
+ Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+ MarkdownDescription: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "namespace": schema.StringAttribute{
+ Description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.",
+ MarkdownDescription: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "uri": schema.StringAttribute{
+ Description: "URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.",
+ MarkdownDescription: "URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
Required: false,
Optional: true,
@@ -12139,8 +12878,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "Required. A pod affinity term, associated with the corresponding weight.",
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -12192,6 +12931,24 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -12288,8 +13045,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -12341,6 +13098,24 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -12437,8 +13212,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "Required. A pod affinity term, associated with the corresponding weight.",
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -12490,6 +13265,24 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -12586,8 +13379,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -12639,6 +13432,24 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -12794,8 +13605,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -12885,8 +13696,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -12926,8 +13737,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -12959,8 +13770,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -13095,9 +13906,26 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
- "tcp_socket": schema.SingleNestedAttribute{
- Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
- MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "tcp_socket": schema.SingleNestedAttribute{
+ Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
+ MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
Attributes: map[string]schema.Attribute{
"host": schema.StringAttribute{
Description: "Optional: Host name to connect to, defaults to the pod IP.",
@@ -13215,6 +14043,23 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -13772,6 +14617,31 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
@@ -13893,8 +14763,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -13934,8 +14804,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -14233,8 +15103,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -14256,6 +15126,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -14344,8 +15222,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -14435,8 +15313,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -14476,8 +15354,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -14509,8 +15387,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -14645,6 +15523,23 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -14765,6 +15660,23 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -15318,6 +16230,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "restart_policy": schema.StringAttribute{
+ Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ MarkdownDescription: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"security_context": schema.SingleNestedAttribute{
Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
MarkdownDescription: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
@@ -15330,6 +16250,31 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
@@ -15451,8 +16396,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -15492,8 +16437,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -15791,8 +16736,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -15814,6 +16759,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -15937,8 +16890,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
"ip": schema.StringAttribute{
Description: "IP address of the host file entry.",
MarkdownDescription: "IP address of the host file entry.",
- Required: false,
- Optional: true,
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -15994,8 +16947,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -16068,8 +17021,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -16159,8 +17112,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -16200,8 +17153,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -16233,8 +17186,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -16369,6 +17322,23 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -16489,6 +17459,23 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -17042,6 +18029,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "restart_policy": schema.StringAttribute{
+ Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ MarkdownDescription: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"security_context": schema.SingleNestedAttribute{
Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
MarkdownDescription: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
@@ -17054,6 +18049,31 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
@@ -17175,8 +18195,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -17216,8 +18236,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -17515,8 +18535,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -17538,6 +18558,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -17694,8 +18722,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"resource_claim_template_name": schema.StringAttribute{
- Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
- MarkdownDescription: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
+ Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
+ MarkdownDescription: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
Required: false,
Optional: true,
Computed: false,
@@ -17759,6 +18787,31 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Description: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.",
MarkdownDescription: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.",
Attributes: map[string]schema.Attribute{
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"fs_group": schema.Int64Attribute{
Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
@@ -17845,8 +18898,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -17922,8 +18975,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -18115,8 +19168,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"min_domains": schema.Int64Attribute{
- Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
- MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
+ Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
+ MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
Required: false,
Optional: true,
Computed: false,
@@ -18338,8 +19391,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -18388,8 +19441,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -18461,8 +19514,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -18506,8 +19559,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -18558,8 +19611,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -18775,25 +19828,6 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
MarkdownDescription: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- MarkdownDescription: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- MarkdownDescription: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
MarkdownDescription: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
@@ -18879,6 +19913,14 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Computed: false,
},
+ "volume_attributes_class_name": schema.StringAttribute{
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"volume_mode": schema.StringAttribute{
Description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
MarkdownDescription: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
@@ -19003,8 +20045,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -19259,8 +20301,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef is the CHAP Secret for iSCSI target and initiator authentication",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -19425,6 +20467,101 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "sources is the list of volume projections",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
+ Description: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ MarkdownDescription: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ Attributes: map[string]schema.Attribute{
+ "label_selector": schema.SingleNestedAttribute{
+ Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ MarkdownDescription: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "key is the label key that the selector applies to.",
+ MarkdownDescription: "key is the label key that the selector applies to.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "operator": schema.StringAttribute{
+ Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ MarkdownDescription: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ MarkdownDescription: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ MarkdownDescription: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ MarkdownDescription: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ MarkdownDescription: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "Relative path from the volume root to write the bundle.",
+ MarkdownDescription: "Relative path from the volume root to write the bundle.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"config_map": schema.SingleNestedAttribute{
Description: "configMap information about the configMap data to project",
MarkdownDescription: "configMap information about the configMap data to project",
@@ -19465,8 +20602,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -19495,8 +20632,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -19619,8 +20756,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -19798,8 +20935,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -19864,8 +21001,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -20014,8 +21151,8 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
MarkdownDescription: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -20098,6 +21235,170 @@ func (r *SonataflowOrgSonataFlowPlatformV1Alpha08Manifest) Schema(_ context.Cont
Optional: true,
Computed: false,
},
+
+ "sink": schema.SingleNestedAttribute{
+ Description: "Defines the sink where the Jobservice sends events to",
+ MarkdownDescription: "Defines the sink where the Jobservice sends events to",
+ Attributes: map[string]schema.Attribute{
+ "ca_certs": schema.StringAttribute{
+ Description: "CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.",
+ MarkdownDescription: "CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "ref": schema.SingleNestedAttribute{
+ Description: "Ref points to an Addressable.",
+ MarkdownDescription: "Ref points to an Addressable.",
+ Attributes: map[string]schema.Attribute{
+ "address": schema.StringAttribute{
+ Description: "Address points to a specific Address Name.",
+ MarkdownDescription: "Address points to a specific Address Name.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "api_version": schema.StringAttribute{
+ Description: "API version of the referent.",
+ MarkdownDescription: "API version of the referent.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "group": schema.StringAttribute{
+ Description: "Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086",
+ MarkdownDescription: "Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "kind": schema.StringAttribute{
+ Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+ MarkdownDescription: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "namespace": schema.StringAttribute{
+ Description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.",
+ MarkdownDescription: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "uri": schema.StringAttribute{
+ Description: "URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.",
+ MarkdownDescription: "URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "source": schema.SingleNestedAttribute{
+ Description: "Defines the source where the Jobservice receives events from",
+ MarkdownDescription: "Defines the source where the Jobservice receives events from",
+ Attributes: map[string]schema.Attribute{
+ "ca_certs": schema.StringAttribute{
+ Description: "CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.",
+ MarkdownDescription: "CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "ref": schema.SingleNestedAttribute{
+ Description: "Ref points to an Addressable.",
+ MarkdownDescription: "Ref points to an Addressable.",
+ Attributes: map[string]schema.Attribute{
+ "address": schema.StringAttribute{
+ Description: "Address points to a specific Address Name.",
+ MarkdownDescription: "Address points to a specific Address Name.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "api_version": schema.StringAttribute{
+ Description: "API version of the referent.",
+ MarkdownDescription: "API version of the referent.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "group": schema.StringAttribute{
+ Description: "Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086",
+ MarkdownDescription: "Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "kind": schema.StringAttribute{
+ Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+ MarkdownDescription: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "namespace": schema.StringAttribute{
+ Description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.",
+ MarkdownDescription: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "uri": schema.StringAttribute{
+ Description: "URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.",
+ MarkdownDescription: "URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
Required: false,
Optional: true,
diff --git a/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_v1alpha08_manifest.go b/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_v1alpha08_manifest.go
index 7aabcfb99..7aba8b48d 100644
--- a/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_v1alpha08_manifest.go
+++ b/internal/provider/sonataflow_org_v1alpha08/sonataflow_org_sonata_flow_v1alpha08_manifest.go
@@ -178,6 +178,8 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -200,6 +202,8 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -223,6 +227,8 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -245,6 +251,8 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ MatchLabelKeys *[]string `tfsdk:"match_label_keys" json:"matchLabelKeys,omitempty"`
+ MismatchLabelKeys *[]string `tfsdk:"mismatch_label_keys" json:"mismatchLabelKeys,omitempty"`
NamespaceSelector *struct {
MatchExpressions *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -315,6 +323,9 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -334,6 +345,9 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -418,7 +432,11 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
} `tfsdk:"resources" json:"resources,omitempty"`
SecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -484,12 +502,13 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"volume_devices" json:"volumeDevices,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
} `tfsdk:"container" json:"container,omitempty"`
Containers *[]struct {
@@ -548,6 +567,9 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -567,6 +589,9 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -650,9 +675,14 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
+ RestartPolicy *string `tfsdk:"restart_policy" json:"restartPolicy,omitempty"`
SecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -718,12 +748,13 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"volume_devices" json:"volumeDevices,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"containers" json:"containers,omitempty"`
@@ -806,6 +837,9 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -825,6 +859,9 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Port *string `tfsdk:"port" json:"port,omitempty"`
Scheme *string `tfsdk:"scheme" json:"scheme,omitempty"`
} `tfsdk:"http_get" json:"httpGet,omitempty"`
+ Sleep *struct {
+ Seconds *int64 `tfsdk:"seconds" json:"seconds,omitempty"`
+ } `tfsdk:"sleep" json:"sleep,omitempty"`
TcpSocket *struct {
Host *string `tfsdk:"host" json:"host,omitempty"`
Port *string `tfsdk:"port" json:"port,omitempty"`
@@ -908,9 +945,14 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
+ RestartPolicy *string `tfsdk:"restart_policy" json:"restartPolicy,omitempty"`
SecurityContext *struct {
AllowPrivilegeEscalation *bool `tfsdk:"allow_privilege_escalation" json:"allowPrivilegeEscalation,omitempty"`
- Capabilities *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
+ Capabilities *struct {
Add *[]string `tfsdk:"add" json:"add,omitempty"`
Drop *[]string `tfsdk:"drop" json:"drop,omitempty"`
} `tfsdk:"capabilities" json:"capabilities,omitempty"`
@@ -976,12 +1018,13 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"volume_devices" json:"volumeDevices,omitempty"`
VolumeMounts *[]struct {
- MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
- MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
- Name *string `tfsdk:"name" json:"name,omitempty"`
- ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
- SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
- SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
+ MountPath *string `tfsdk:"mount_path" json:"mountPath,omitempty"`
+ MountPropagation *string `tfsdk:"mount_propagation" json:"mountPropagation,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ ReadOnly *bool `tfsdk:"read_only" json:"readOnly,omitempty"`
+ RecursiveReadOnly *string `tfsdk:"recursive_read_only" json:"recursiveReadOnly,omitempty"`
+ SubPath *string `tfsdk:"sub_path" json:"subPath,omitempty"`
+ SubPathExpr *string `tfsdk:"sub_path_expr" json:"subPathExpr,omitempty"`
} `tfsdk:"volume_mounts" json:"volumeMounts,omitempty"`
WorkingDir *string `tfsdk:"working_dir" json:"workingDir,omitempty"`
} `tfsdk:"init_containers" json:"initContainers,omitempty"`
@@ -1012,6 +1055,10 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"scheduling_gates" json:"schedulingGates,omitempty"`
SecurityContext *struct {
+ AppArmorProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"app_armor_profile" json:"appArmorProfile,omitempty"`
FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
@@ -1162,9 +1209,6 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
} `tfsdk:"data_source_ref" json:"dataSourceRef,omitempty"`
Resources *struct {
- Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
- } `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
} `tfsdk:"resources" json:"resources,omitempty"`
@@ -1176,9 +1220,10 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
} `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
} `tfsdk:"selector" json:"selector,omitempty"`
- StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
- VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
- VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
+ StorageClassName *string `tfsdk:"storage_class_name" json:"storageClassName,omitempty"`
+ VolumeAttributesClassName *string `tfsdk:"volume_attributes_class_name" json:"volumeAttributesClassName,omitempty"`
+ VolumeMode *string `tfsdk:"volume_mode" json:"volumeMode,omitempty"`
+ VolumeName *string `tfsdk:"volume_name" json:"volumeName,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
} `tfsdk:"volume_claim_template" json:"volumeClaimTemplate,omitempty"`
} `tfsdk:"ephemeral" json:"ephemeral,omitempty"`
@@ -1259,6 +1304,20 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
Projected *struct {
DefaultMode *int64 `tfsdk:"default_mode" json:"defaultMode,omitempty"`
Sources *[]struct {
+ ClusterTrustBundle *struct {
+ LabelSelector *struct {
+ MatchExpressions *[]struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Operator *string `tfsdk:"operator" json:"operator,omitempty"`
+ Values *[]string `tfsdk:"values" json:"values,omitempty"`
+ } `tfsdk:"match_expressions" json:"matchExpressions,omitempty"`
+ MatchLabels *map[string]string `tfsdk:"match_labels" json:"matchLabels,omitempty"`
+ } `tfsdk:"label_selector" json:"labelSelector,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ Path *string `tfsdk:"path" json:"path,omitempty"`
+ SignerName *string `tfsdk:"signer_name" json:"signerName,omitempty"`
+ } `tfsdk:"cluster_trust_bundle" json:"clusterTrustBundle,omitempty"`
ConfigMap *struct {
Items *[]struct {
Key *string `tfsdk:"key" json:"key,omitempty"`
@@ -1380,6 +1439,19 @@ type SonataflowOrgSonataFlowV1Alpha08ManifestData struct {
} `tfsdk:"ref" json:"ref,omitempty"`
Uri *string `tfsdk:"uri" json:"uri,omitempty"`
} `tfsdk:"sink" json:"sink,omitempty"`
+ Sources *[]struct {
+ CACerts *string `tfsdk:"ca_certs" json:"CACerts,omitempty"`
+ EventType *string `tfsdk:"event_type" json:"eventType,omitempty"`
+ Ref *struct {
+ Address *string `tfsdk:"address" json:"address,omitempty"`
+ ApiVersion *string `tfsdk:"api_version" json:"apiVersion,omitempty"`
+ Group *string `tfsdk:"group" json:"group,omitempty"`
+ Kind *string `tfsdk:"kind" json:"kind,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Namespace *string `tfsdk:"namespace" json:"namespace,omitempty"`
+ } `tfsdk:"ref" json:"ref,omitempty"`
+ Uri *string `tfsdk:"uri" json:"uri,omitempty"`
+ } `tfsdk:"sources" json:"sources,omitempty"`
} `tfsdk:"spec" json:"spec,omitempty"`
}
@@ -2308,8 +2380,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "Required. A pod affinity term, associated with the corresponding weight.",
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -2361,6 +2433,24 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -2457,8 +2547,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -2510,6 +2600,24 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -2606,8 +2714,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "Required. A pod affinity term, associated with the corresponding weight.",
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -2659,6 +2767,24 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -2755,8 +2881,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"label_selector": schema.SingleNestedAttribute{
- Description: "A label query over a set of resources, in this case pods.",
- MarkdownDescription: "A label query over a set of resources, in this case pods.",
+ Description: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
+ MarkdownDescription: "A label query over a set of resources, in this case pods. If it's null, this PodAffinityTerm matches with no Pods.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -2808,6 +2934,24 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "match_label_keys": schema.ListAttribute{
+ Description: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key in (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both matchLabelKeys and labelSelector. Also, matchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "mismatch_label_keys": schema.ListAttribute{
+ Description: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ MarkdownDescription: "MismatchLabelKeys is a set of pod label keys to select which pods will be taken into consideration. The keys are used to lookup values from the incoming pod labels, those key-value labels are merged with 'labelSelector' as 'key notin (value)' to select the group of existing pods which pods will be taken into consideration for the incoming pod's pod (anti) affinity. Keys that don't exist in the incoming pod labels will be ignored. The default value is empty. The same key is forbidden to exist in both mismatchLabelKeys and labelSelector. Also, mismatchLabelKeys cannot be set when labelSelector isn't set. This is an alpha field and requires enabling MatchLabelKeysInPodAffinity feature gate.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"namespace_selector": schema.SingleNestedAttribute{
Description: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
MarkdownDescription: "A label query over the set of namespaces that the term applies to. The term is applied to the union of the namespaces selected by this field and the ones listed in the namespaces field. null selector and null or empty namespaces list means 'this pod's namespace'. An empty selector ({}) matches all namespaces.",
@@ -2963,8 +3107,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3054,8 +3198,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3095,8 +3239,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3128,8 +3272,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -3264,6 +3408,23 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -3384,6 +3545,23 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -3941,6 +4119,31 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
@@ -4062,8 +4265,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -4103,8 +4306,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -4402,8 +4605,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -4425,6 +4628,14 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -4513,8 +4724,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -4604,8 +4815,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -4645,8 +4856,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -4678,8 +4889,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -4814,6 +5025,23 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -4934,6 +5162,23 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -5487,6 +5732,14 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "restart_policy": schema.StringAttribute{
+ Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ MarkdownDescription: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"security_context": schema.SingleNestedAttribute{
Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
MarkdownDescription: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
@@ -5499,6 +5752,31 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
@@ -5620,8 +5898,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -5661,8 +5939,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -5960,8 +6238,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -5983,6 +6261,14 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -6117,8 +6403,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
"ip": schema.StringAttribute{
Description: "IP address of the host file entry.",
MarkdownDescription: "IP address of the host file entry.",
- Required: false,
- Optional: true,
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -6174,8 +6460,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6248,8 +6534,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6339,8 +6625,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6380,8 +6666,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "The ConfigMap to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6413,8 +6699,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "The Secret to select from",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -6549,6 +6835,23 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -6669,6 +6972,23 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "sleep": schema.SingleNestedAttribute{
+ Description: "Sleep represents the duration that the container should sleep before being terminated.",
+ MarkdownDescription: "Sleep represents the duration that the container should sleep before being terminated.",
+ Attributes: map[string]schema.Attribute{
+ "seconds": schema.Int64Attribute{
+ Description: "Seconds is the number of seconds to sleep.",
+ MarkdownDescription: "Seconds is the number of seconds to sleep.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"tcp_socket": schema.SingleNestedAttribute{
Description: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
MarkdownDescription: "Deprecated. TCPSocket is NOT supported as a LifecycleHandler and kept for the backward compatibility. There are no validation of this field and lifecycle hooks will fail in runtime when tcp handler is specified.",
@@ -7222,6 +7542,14 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "restart_policy": schema.StringAttribute{
+ Description: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ MarkdownDescription: "RestartPolicy defines the restart behavior of individual containers in a pod. This field may only be set for init containers, and the only allowed value is 'Always'. For non-init containers or when this field is not specified, the restart behavior is defined by the Pod's restart policy and the container type. Setting the RestartPolicy as 'Always' for the init container will have the following effect: this init container will be continually restarted on exit until all regular containers have terminated. Once all regular containers have completed, all init containers with restartPolicy 'Always' will be shut down. This lifecycle differs from normal init containers and is often referred to as a 'sidecar' container. Although this init container still starts in the init container sequence, it does not wait for the container to complete before proceeding to the next init container. Instead, the next init container starts immediately after this init container is started, or after any startupProbe has successfully completed.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"security_context": schema.SingleNestedAttribute{
Description: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
MarkdownDescription: "SecurityContext defines the security options the container should be run with. If set, the fields of SecurityContext override the equivalent fields of PodSecurityContext. More info: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/",
@@ -7234,6 +7562,31 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by this container. If set, this profile overrides the pod's appArmorProfile. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"capabilities": schema.SingleNestedAttribute{
Description: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "The capabilities to add/drop when running containers. Defaults to the default set of capabilities granted by the container runtime. Note that this field cannot be set when spec.os.name is windows.",
@@ -7355,8 +7708,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "The seccomp options to use by this container. If seccomp options are provided at both the pod & container level, the container options override the pod options. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -7396,8 +7749,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -7695,8 +8048,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"mount_propagation": schema.StringAttribute{
- Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
- MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10.",
+ Description: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
+ MarkdownDescription: "mountPropagation determines how mounts are propagated from the host to container and the other way around. When not set, MountPropagationNone is used. This field is beta in 1.10. When RecursiveReadOnly is set to IfPossible or to Enabled, MountPropagation must be None or unspecified (which defaults to None).",
Required: false,
Optional: true,
Computed: false,
@@ -7718,6 +8071,14 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "recursive_read_only": schema.StringAttribute{
+ Description: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ MarkdownDescription: "RecursiveReadOnly specifies whether read-only mounts should be handled recursively. If ReadOnly is false, this field has no meaning and must be unspecified. If ReadOnly is true, and this field is set to Disabled, the mount is not made recursively read-only. If this field is set to IfPossible, the mount is made recursively read-only, if it is supported by the container runtime. If this field is set to Enabled, the mount is made recursively read-only if it is supported by the container runtime, otherwise the pod will not be started and an error will be generated to indicate the reason. If this field is set to IfPossible or Enabled, MountPropagation must be set to None (or be unspecified, which defaults to None). If this field is not specified, it is treated as an equivalent of Disabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"sub_path": schema.StringAttribute{
Description: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
MarkdownDescription: "Path within the volume from which the container's volume should be mounted. Defaults to '' (volume's root).",
@@ -7874,8 +8235,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"resource_claim_template_name": schema.StringAttribute{
- Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
- MarkdownDescription: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The name of the ResourceClaim will be -, where is the PodResourceClaim.Name. Pod validation will reject the pod if the concatenated name is not valid for a ResourceClaim (e.g. too long). An existing ResourceClaim with that name that is not owned by the pod will not be used for the pod to avoid using an unrelated resource by mistake. Scheduling and pod startup are then blocked until the unrelated ResourceClaim is removed. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
+ Description: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
+ MarkdownDescription: "ResourceClaimTemplateName is the name of a ResourceClaimTemplate object in the same namespace as this pod. The template will be used to create a new ResourceClaim, which will be bound to this pod. When this pod is deleted, the ResourceClaim will also be deleted. The pod name and resource name, along with a generated component, will be used to form a unique name for the ResourceClaim, which will be recorded in pod.status.resourceClaimStatuses. This field is immutable and no changes will be made to the corresponding ResourceClaim by the control plane after creating the ResourceClaim.",
Required: false,
Optional: true,
Computed: false,
@@ -7939,6 +8300,31 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Description: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.",
MarkdownDescription: "SecurityContext holds pod-level security attributes and common container settings. Optional: Defaults to empty. See type description for default values of each field.",
Attributes: map[string]schema.Attribute{
+ "app_armor_profile": schema.SingleNestedAttribute{
+ Description: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "appArmorProfile is the AppArmor options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ MarkdownDescription: "localhostProfile indicates a profile loaded on the node that should be used. The profile must be preconfigured on the node to work. Must match the loaded name of the profile. Must be set if and only if type is 'Localhost'.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ MarkdownDescription: "type indicates which kind of AppArmor profile will be applied. Valid options are: Localhost - a profile pre-loaded on the node. RuntimeDefault - the container runtime's default profile. Unconfined - no AppArmor enforcement.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"fs_group": schema.Int64Attribute{
Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
MarkdownDescription: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
@@ -8025,8 +8411,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
Attributes: map[string]schema.Attribute{
"localhost_profile": schema.StringAttribute{
- Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
- MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must only be set if type is 'Localhost'.",
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
Required: false,
Optional: true,
Computed: false,
@@ -8102,8 +8488,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"host_process": schema.BoolAttribute{
- Description: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
- MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. This field is alpha-level and will only be honored by components that enable the WindowsHostProcessContainers feature flag. Setting this field without the feature flag will result in errors when validating the Pod. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
Required: false,
Optional: true,
Computed: false,
@@ -8295,8 +8681,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"min_domains": schema.Int64Attribute{
- Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
- MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew. This is a beta field and requires the MinDomainsInPodTopologySpread feature gate to be enabled (enabled by default).",
+ Description: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
+ MarkdownDescription: "MinDomains indicates a minimum number of eligible domains. When the number of eligible domains with matching topology keys is less than minDomains, Pod Topology Spread treats 'global minimum' as 0, and then the calculation of Skew is performed. And when the number of eligible domains with matching topology keys equals or greater than minDomains, this value has no effect on scheduling. As a result, when the number of eligible domains is less than minDomains, scheduler won't schedule more than maxSkew Pods to those domains. If value is nil, the constraint behaves as if MinDomains is equal to 1. Valid values are integers greater than 0. When value is not nil, WhenUnsatisfiable must be DoNotSchedule. For example, in a 3-zone cluster, MaxSkew is set to 2, MinDomains is set to 5 and pods with the same labelSelector spread as 2/2/2: | zone1 | zone2 | zone3 | | P P | P P | P P | The number of domains is less than 5(MinDomains), so 'global minimum' is treated as 0. In this situation, new pod with the same labelSelector cannot be scheduled, because computed skew will be 3(3 - 0) if new Pod is scheduled to any of the three zones, it will violate MaxSkew.",
Required: false,
Optional: true,
Computed: false,
@@ -8518,8 +8904,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "secretRef is Optional: SecretRef is reference to the authentication secret for User, default is empty. More info: https://examples.k8s.io/volumes/cephfs/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -8568,8 +8954,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "secretRef is optional: points to a secret object containing parameters used to connect to OpenStack.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -8641,8 +9027,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -8686,8 +9072,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "nodePublishSecretRef is a reference to the secret object containing sensitive information to pass to the CSI driver to complete the CSI NodePublishVolume and NodeUnpublishVolume calls. This field is optional, and may be empty if no secret is required. If the secret object contains more than one secret, all secret references are passed.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -8738,8 +9124,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -8955,25 +9341,6 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Description: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
MarkdownDescription: "resources represents the minimum resources the volume should have. If RecoverVolumeExpansionFailure feature is enabled users are allowed to specify resource requirements that are lower than previous value but must still be higher than capacity recorded in the status field of the claim. More info: https://kubernetes.io/docs/concepts/storage/persistent-volumes#resources",
Attributes: map[string]schema.Attribute{
- "claims": schema.ListNestedAttribute{
- Description: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- MarkdownDescription: "Claims lists the names of resources, defined in spec.resourceClaims, that are used by this container. This is an alpha field and requires enabling the DynamicResourceAllocation feature gate. This field is immutable. It can only be set for containers.",
- NestedObject: schema.NestedAttributeObject{
- Attributes: map[string]schema.Attribute{
- "name": schema.StringAttribute{
- Description: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- MarkdownDescription: "Name must match the name of one entry in pod.spec.resourceClaims of the Pod where this field is used. It makes that resource available inside a container.",
- Required: true,
- Optional: false,
- Computed: false,
- },
- },
- },
- Required: false,
- Optional: true,
- Computed: false,
- },
-
"limits": schema.MapAttribute{
Description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
MarkdownDescription: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/",
@@ -9059,6 +9426,14 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "volume_attributes_class_name": schema.StringAttribute{
+ Description: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ MarkdownDescription: "volumeAttributesClassName may be used to set the VolumeAttributesClass used by this claim. If specified, the CSI driver will create or update the volume with the attributes defined in the corresponding VolumeAttributesClass. This has a different purpose than storageClassName, it can be changed after the claim is created. An empty string value means that no VolumeAttributesClass will be applied to the claim but it's not allowed to reset this field to empty string once it is set. If unspecified and the PersistentVolumeClaim is unbound, the default VolumeAttributesClass will be set by the persistentvolume controller if it exists. If the resource referred to by volumeAttributesClass does not exist, this PersistentVolumeClaim will be set to a Pending state, as reflected by the modifyVolumeStatus field, until such as a resource exists. More info: https://kubernetes.io/docs/concepts/storage/volume-attributes-classes/ (Alpha) Using this field requires the VolumeAttributesClass feature gate to be enabled.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"volume_mode": schema.StringAttribute{
Description: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
MarkdownDescription: "volumeMode defines what type of volume is required by the claim. Value of Filesystem is implied when not included in claim spec.",
@@ -9183,8 +9558,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "secretRef is Optional: secretRef is reference to the secret object containing sensitive information to pass to the plugin scripts. This may be empty if no secret object is specified. If the secret object contains more than one secret, all secrets are passed to the plugin scripts.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -9439,8 +9814,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "secretRef is the CHAP Secret for iSCSI target and initiator authentication",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -9605,6 +9980,101 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "sources is the list of volume projections",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
+ "cluster_trust_bundle": schema.SingleNestedAttribute{
+ Description: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ MarkdownDescription: "ClusterTrustBundle allows a pod to access the '.spec.trustBundle' field of ClusterTrustBundle objects in an auto-updating file. Alpha, gated by the ClusterTrustBundleProjection feature gate. ClusterTrustBundle objects can either be selected by name, or by the combination of signer name and a label selector. Kubelet performs aggressive normalization of the PEM contents written into the pod filesystem. Esoteric PEM features such as inter-block comments and block headers are stripped. Certificates are deduplicated. The ordering of certificates within the file is arbitrary, and Kubelet may change the order over time.",
+ Attributes: map[string]schema.Attribute{
+ "label_selector": schema.SingleNestedAttribute{
+ Description: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this label selector. Only has effect if signerName is set. Mutually-exclusive with name. If unset, interpreted as 'match nothing'. If set but empty, interpreted as 'match everything'.",
+ Attributes: map[string]schema.Attribute{
+ "match_expressions": schema.ListNestedAttribute{
+ Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ MarkdownDescription: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "key is the label key that the selector applies to.",
+ MarkdownDescription: "key is the label key that the selector applies to.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "operator": schema.StringAttribute{
+ Description: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ MarkdownDescription: "operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "values": schema.ListAttribute{
+ Description: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ MarkdownDescription: "values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "match_labels": schema.MapAttribute{
+ Description: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ MarkdownDescription: "matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is 'key', the operator is 'In', and the values array contains only 'value'. The requirements are ANDed.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ MarkdownDescription: "Select a single ClusterTrustBundle by object name. Mutually-exclusive with signerName and labelSelector.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ MarkdownDescription: "If true, don't block pod startup if the referenced ClusterTrustBundle(s) aren't available. If using name, then the named ClusterTrustBundle is allowed not to exist. If using signerName, then the combination of signerName and labelSelector is allowed to match zero ClusterTrustBundles.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "path": schema.StringAttribute{
+ Description: "Relative path from the volume root to write the bundle.",
+ MarkdownDescription: "Relative path from the volume root to write the bundle.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "signer_name": schema.StringAttribute{
+ Description: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ MarkdownDescription: "Select all ClusterTrustBundles that match this signer name. Mutually-exclusive with name. The contents of all selected ClusterTrustBundles will be unified and deduplicated.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"config_map": schema.SingleNestedAttribute{
Description: "configMap information about the configMap data to project",
MarkdownDescription: "configMap information about the configMap data to project",
@@ -9645,8 +10115,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -9675,8 +10145,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"field_ref": schema.SingleNestedAttribute{
- Description: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
- MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name and namespace are supported.",
+ Description: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
+ MarkdownDescription: "Required: Selects a field of the pod: only annotations, labels, name, namespace and uid are supported.",
Attributes: map[string]schema.Attribute{
"api_version": schema.StringAttribute{
Description: "Version of the schema the FieldPath is written in terms of, defaults to 'v1'.",
@@ -9799,8 +10269,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -9978,8 +10448,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "secretRef is name of the authentication secret for RBDUser. If provided overrides keyring. Default is nil. More info: https://examples.k8s.io/volumes/rbd/README.md#how-to-use-it",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -10044,8 +10514,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "secretRef references to the secret for ScaleIO user and other sensitive information. If this is not provided, Login operation will fail.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -10194,8 +10664,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "secretRef specifies the secret to use for obtaining the StorageOS API credentials. If not specified, default values will be attempted.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -10293,8 +10763,8 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "ConfigMap the given configMap name in the same workflow context to find the resource",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Add other useful fields. apiVersion, kind, uid?",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
Required: false,
Optional: true,
Computed: false,
@@ -10405,6 +10875,98 @@ func (r *SonataflowOrgSonataFlowV1Alpha08Manifest) Schema(_ context.Context, _ d
Optional: true,
Computed: false,
},
+
+ "sources": schema.ListNestedAttribute{
+ Description: "Sources describes the list of sources used to create triggers for events consumed by this SonataFlow instance.",
+ MarkdownDescription: "Sources describes the list of sources used to create triggers for events consumed by this SonataFlow instance.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "ca_certs": schema.StringAttribute{
+ Description: "CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.",
+ MarkdownDescription: "CACerts are Certification Authority (CA) certificates in PEM format according to https://www.rfc-editor.org/rfc/rfc7468. If set, these CAs are appended to the set of CAs provided by the Addressable target, if any.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "event_type": schema.StringAttribute{
+ Description: "Defines the eventType to filter the events",
+ MarkdownDescription: "Defines the eventType to filter the events",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "ref": schema.SingleNestedAttribute{
+ Description: "Ref points to an Addressable.",
+ MarkdownDescription: "Ref points to an Addressable.",
+ Attributes: map[string]schema.Attribute{
+ "address": schema.StringAttribute{
+ Description: "Address points to a specific Address Name.",
+ MarkdownDescription: "Address points to a specific Address Name.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "api_version": schema.StringAttribute{
+ Description: "API version of the referent.",
+ MarkdownDescription: "API version of the referent.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "group": schema.StringAttribute{
+ Description: "Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086",
+ MarkdownDescription: "Group of the API, without the version of the group. This can be used as an alternative to the APIVersion, and then resolved using ResolveGroup. Note: This API is EXPERIMENTAL and might break anytime. For more details: https://github.com/knative/eventing/issues/5086",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "kind": schema.StringAttribute{
+ Description: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+ MarkdownDescription: "Kind of the referent. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "namespace": schema.StringAttribute{
+ Description: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.",
+ MarkdownDescription: "Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ This is optional field, it gets defaulted to the object holding it if left out.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "uri": schema.StringAttribute{
+ Description: "URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.",
+ MarkdownDescription: "URI can be an absolute URL(non-empty scheme and non-empty host) pointing to the target or a relative URI. Relative URIs will be resolved using the base URI retrieved from Ref.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
Required: false,
Optional: true,
diff --git a/internal/provider/spark_stackable_tech_v1alpha1/spark_stackable_tech_spark_application_v1alpha1_manifest.go b/internal/provider/spark_stackable_tech_v1alpha1/spark_stackable_tech_spark_application_v1alpha1_manifest.go
index 2c9ee26a5..cda7025de 100644
--- a/internal/provider/spark_stackable_tech_v1alpha1/spark_stackable_tech_spark_application_v1alpha1_manifest.go
+++ b/internal/provider/spark_stackable_tech_v1alpha1/spark_stackable_tech_spark_application_v1alpha1_manifest.go
@@ -194,9 +194,10 @@ type SparkStackableTechSparkApplicationV1Alpha1ManifestData struct {
AccessStyle *string `tfsdk:"access_style" json:"accessStyle,omitempty"`
Credentials *struct {
Scope *struct {
- Node *bool `tfsdk:"node" json:"node,omitempty"`
- Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
- Services *[]string `tfsdk:"services" json:"services,omitempty"`
+ ListenerVolumes *[]string `tfsdk:"listener_volumes" json:"listenerVolumes,omitempty"`
+ Node *bool `tfsdk:"node" json:"node,omitempty"`
+ Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
+ Services *[]string `tfsdk:"services" json:"services,omitempty"`
} `tfsdk:"scope" json:"scope,omitempty"`
SecretClass *string `tfsdk:"secret_class" json:"secretClass,omitempty"`
} `tfsdk:"credentials" json:"credentials,omitempty"`
@@ -230,9 +231,10 @@ type SparkStackableTechSparkApplicationV1Alpha1ManifestData struct {
AccessStyle *string `tfsdk:"access_style" json:"accessStyle,omitempty"`
Credentials *struct {
Scope *struct {
- Node *bool `tfsdk:"node" json:"node,omitempty"`
- Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
- Services *[]string `tfsdk:"services" json:"services,omitempty"`
+ ListenerVolumes *[]string `tfsdk:"listener_volumes" json:"listenerVolumes,omitempty"`
+ Node *bool `tfsdk:"node" json:"node,omitempty"`
+ Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
+ Services *[]string `tfsdk:"services" json:"services,omitempty"`
} `tfsdk:"scope" json:"scope,omitempty"`
SecretClass *string `tfsdk:"secret_class" json:"secretClass,omitempty"`
} `tfsdk:"credentials" json:"credentials,omitempty"`
@@ -424,8 +426,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -442,8 +444,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -451,8 +453,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -717,10 +719,10 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- Required: false,
- Optional: true,
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -808,10 +810,10 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- Required: false,
- Optional: true,
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -864,8 +866,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -882,8 +884,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -891,8 +893,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -1279,18 +1281,18 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
"bucket": schema.SingleNestedAttribute{
- Description: "An S3 bucket definition, it can either be a reference to an explicit S3Bucket object, or it can be an inline definition of a bucket. Read the [S3 resources concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3) to learn more.",
- MarkdownDescription: "An S3 bucket definition, it can either be a reference to an explicit S3Bucket object, or it can be an inline definition of a bucket. Read the [S3 resources concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3) to learn more.",
+ Description: "",
+ MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "An inline definition, containing the S3 bucket properties.",
- MarkdownDescription: "An inline definition, containing the S3 bucket properties.",
+ Description: "S3 bucket specification containing the bucket name and an inlined or referenced connection specification. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 bucket specification containing the bucket name and an inlined or referenced connection specification. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"bucket_name": schema.StringAttribute{
Description: "The name of the S3 bucket.",
MarkdownDescription: "The name of the S3 bucket.",
- Required: false,
- Optional: true,
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -1299,8 +1301,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
MarkdownDescription: "The definition of an S3 connection, either inline or as a reference.",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "Inline definition of an S3 connection.",
- MarkdownDescription: "Inline definition of an S3 connection.",
+ Description: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"access_style": schema.StringAttribute{
Description: "Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).",
@@ -1321,6 +1323,15 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
Description: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
MarkdownDescription: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
Attributes: map[string]schema.Attribute{
+ "listener_volumes": schema.ListAttribute{
+ Description: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ MarkdownDescription: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"node": schema.BoolAttribute{
Description: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
MarkdownDescription: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
@@ -1365,10 +1376,10 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
},
"host": schema.StringAttribute{
- Description: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- MarkdownDescription: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- Required: false,
- Optional: true,
+ Description: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ MarkdownDescription: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -1384,8 +1395,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
},
"tls": schema.SingleNestedAttribute{
- Description: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
- MarkdownDescription: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
+ Description: "Use a TLS connection. If not specified no TLS will be used.",
+ MarkdownDescription: "Use a TLS connection. If not specified no TLS will be used.",
Attributes: map[string]schema.Attribute{
"verification": schema.SingleNestedAttribute{
Description: "The verification method used to verify the certificates of the server and/or the client.",
@@ -1451,15 +1462,15 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3Connection resource.",
- MarkdownDescription: "A reference to an S3Connection resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
},
},
- Required: false,
- Optional: true,
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -1469,8 +1480,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3 bucket object. This is simply the name of the 'S3Bucket' resource.",
- MarkdownDescription: "A reference to an S3 bucket object. This is simply the name of the 'S3Bucket' resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
@@ -1531,8 +1542,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
MarkdownDescription: "Configure an S3 connection that the SparkApplication has access to. Read more in the [Spark S3 usage guide](https://docs.stackable.tech/home/nightly/spark-k8s/usage-guide/s3).",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "Inline definition of an S3 connection.",
- MarkdownDescription: "Inline definition of an S3 connection.",
+ Description: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"access_style": schema.StringAttribute{
Description: "Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).",
@@ -1553,6 +1564,15 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
Description: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
MarkdownDescription: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
Attributes: map[string]schema.Attribute{
+ "listener_volumes": schema.ListAttribute{
+ Description: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ MarkdownDescription: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"node": schema.BoolAttribute{
Description: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
MarkdownDescription: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
@@ -1597,10 +1617,10 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
},
"host": schema.StringAttribute{
- Description: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- MarkdownDescription: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- Required: false,
- Optional: true,
+ Description: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ MarkdownDescription: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -1616,8 +1636,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
},
"tls": schema.SingleNestedAttribute{
- Description: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
- MarkdownDescription: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
+ Description: "Use a TLS connection. If not specified no TLS will be used.",
+ MarkdownDescription: "Use a TLS connection. If not specified no TLS will be used.",
Attributes: map[string]schema.Attribute{
"verification": schema.SingleNestedAttribute{
Description: "The verification method used to verify the certificates of the server and/or the client.",
@@ -1683,8 +1703,8 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3Connection resource.",
- MarkdownDescription: "A reference to an S3Connection resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
@@ -1741,10 +1761,10 @@ func (r *SparkStackableTechSparkApplicationV1Alpha1Manifest) Schema(_ context.Co
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- Required: false,
- Optional: true,
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
Computed: false,
},
},
diff --git a/internal/provider/spark_stackable_tech_v1alpha1/spark_stackable_tech_spark_history_server_v1alpha1_manifest.go b/internal/provider/spark_stackable_tech_v1alpha1/spark_stackable_tech_spark_history_server_v1alpha1_manifest.go
index 525fbd6f3..1da547861 100644
--- a/internal/provider/spark_stackable_tech_v1alpha1/spark_stackable_tech_spark_history_server_v1alpha1_manifest.go
+++ b/internal/provider/spark_stackable_tech_v1alpha1/spark_stackable_tech_spark_history_server_v1alpha1_manifest.go
@@ -67,9 +67,10 @@ type SparkStackableTechSparkHistoryServerV1Alpha1ManifestData struct {
AccessStyle *string `tfsdk:"access_style" json:"accessStyle,omitempty"`
Credentials *struct {
Scope *struct {
- Node *bool `tfsdk:"node" json:"node,omitempty"`
- Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
- Services *[]string `tfsdk:"services" json:"services,omitempty"`
+ ListenerVolumes *[]string `tfsdk:"listener_volumes" json:"listenerVolumes,omitempty"`
+ Node *bool `tfsdk:"node" json:"node,omitempty"`
+ Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
+ Services *[]string `tfsdk:"services" json:"services,omitempty"`
} `tfsdk:"scope" json:"scope,omitempty"`
SecretClass *string `tfsdk:"secret_class" json:"secretClass,omitempty"`
} `tfsdk:"credentials" json:"credentials,omitempty"`
@@ -327,10 +328,10 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- Required: false,
- Optional: true,
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -370,18 +371,18 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
"bucket": schema.SingleNestedAttribute{
- Description: "An S3 bucket definition, it can either be a reference to an explicit S3Bucket object, or it can be an inline definition of a bucket. Read the [S3 resources concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3) to learn more.",
- MarkdownDescription: "An S3 bucket definition, it can either be a reference to an explicit S3Bucket object, or it can be an inline definition of a bucket. Read the [S3 resources concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3) to learn more.",
+ Description: "",
+ MarkdownDescription: "",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "An inline definition, containing the S3 bucket properties.",
- MarkdownDescription: "An inline definition, containing the S3 bucket properties.",
+ Description: "S3 bucket specification containing the bucket name and an inlined or referenced connection specification. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 bucket specification containing the bucket name and an inlined or referenced connection specification. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"bucket_name": schema.StringAttribute{
Description: "The name of the S3 bucket.",
MarkdownDescription: "The name of the S3 bucket.",
- Required: false,
- Optional: true,
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -390,8 +391,8 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
MarkdownDescription: "The definition of an S3 connection, either inline or as a reference.",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "Inline definition of an S3 connection.",
- MarkdownDescription: "Inline definition of an S3 connection.",
+ Description: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"access_style": schema.StringAttribute{
Description: "Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).",
@@ -412,6 +413,15 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
Description: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
MarkdownDescription: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
Attributes: map[string]schema.Attribute{
+ "listener_volumes": schema.ListAttribute{
+ Description: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ MarkdownDescription: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"node": schema.BoolAttribute{
Description: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
MarkdownDescription: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
@@ -456,10 +466,10 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
},
"host": schema.StringAttribute{
- Description: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- MarkdownDescription: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- Required: false,
- Optional: true,
+ Description: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ MarkdownDescription: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -475,8 +485,8 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
},
"tls": schema.SingleNestedAttribute{
- Description: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
- MarkdownDescription: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
+ Description: "Use a TLS connection. If not specified no TLS will be used.",
+ MarkdownDescription: "Use a TLS connection. If not specified no TLS will be used.",
Attributes: map[string]schema.Attribute{
"verification": schema.SingleNestedAttribute{
Description: "The verification method used to verify the certificates of the server and/or the client.",
@@ -542,15 +552,15 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3Connection resource.",
- MarkdownDescription: "A reference to an S3Connection resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
},
},
- Required: false,
- Optional: true,
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -560,8 +570,8 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3 bucket object. This is simply the name of the 'S3Bucket' resource.",
- MarkdownDescription: "A reference to an S3 bucket object. This is simply the name of the 'S3Bucket' resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
@@ -615,8 +625,8 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -633,8 +643,8 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -642,8 +652,8 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -926,8 +936,8 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -944,8 +954,8 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -953,8 +963,8 @@ func (r *SparkStackableTechSparkHistoryServerV1Alpha1Manifest) Schema(_ context.
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
diff --git a/internal/provider/storage_k8s_io_v1/storage_k8s_io_volume_attachment_v1_manifest.go b/internal/provider/storage_k8s_io_v1/storage_k8s_io_volume_attachment_v1_manifest.go
index 56d46c78c..58abdfb82 100644
--- a/internal/provider/storage_k8s_io_v1/storage_k8s_io_volume_attachment_v1_manifest.go
+++ b/internal/provider/storage_k8s_io_v1/storage_k8s_io_volume_attachment_v1_manifest.go
@@ -361,8 +361,8 @@ func (r *StorageK8SIoVolumeAttachmentV1Manifest) Schema(_ context.Context, _ dat
},
"source": schema.SingleNestedAttribute{
- Description: "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.",
- MarkdownDescription: "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.",
+ Description: "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistentVolumes can be attached via external attacher, in the future we may allow also inline volumes in pods. Exactly one member can be set.",
+ MarkdownDescription: "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistentVolumes can be attached via external attacher, in the future we may allow also inline volumes in pods. Exactly one member can be set.",
Attributes: map[string]schema.Attribute{
"inline_volume_spec": schema.SingleNestedAttribute{
Description: "PersistentVolumeSpec is the specification of a persistent volume.",
diff --git a/internal/provider/tempo_grafana_com_v1alpha1/tempo_grafana_com_tempo_stack_v1alpha1_manifest.go b/internal/provider/tempo_grafana_com_v1alpha1/tempo_grafana_com_tempo_stack_v1alpha1_manifest.go
index d63d064a2..5c1df1446 100644
--- a/internal/provider/tempo_grafana_com_v1alpha1/tempo_grafana_com_tempo_stack_v1alpha1_manifest.go
+++ b/internal/provider/tempo_grafana_com_v1alpha1/tempo_grafana_com_tempo_stack_v1alpha1_manifest.go
@@ -149,9 +149,37 @@ type TempoGrafanaComTempoStackV1Alpha1ManifestData struct {
StorageSize *string `tfsdk:"storage_size" json:"storageSize,omitempty"`
Template *struct {
Compactor *struct {
- NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
- Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
- Resources *struct {
+ NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
+ PodSecurityContext *struct {
+ FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
+ FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
+ RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
+ RunAsNonRoot *bool `tfsdk:"run_as_non_root" json:"runAsNonRoot,omitempty"`
+ RunAsUser *int64 `tfsdk:"run_as_user" json:"runAsUser,omitempty"`
+ SeLinuxOptions *struct {
+ Level *string `tfsdk:"level" json:"level,omitempty"`
+ Role *string `tfsdk:"role" json:"role,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ User *string `tfsdk:"user" json:"user,omitempty"`
+ } `tfsdk:"se_linux_options" json:"seLinuxOptions,omitempty"`
+ SeccompProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ Sysctls *[]struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *string `tfsdk:"value" json:"value,omitempty"`
+ } `tfsdk:"sysctls" json:"sysctls,omitempty"`
+ WindowsOptions *struct {
+ GmsaCredentialSpec *string `tfsdk:"gmsa_credential_spec" json:"gmsaCredentialSpec,omitempty"`
+ GmsaCredentialSpecName *string `tfsdk:"gmsa_credential_spec_name" json:"gmsaCredentialSpecName,omitempty"`
+ HostProcess *bool `tfsdk:"host_process" json:"hostProcess,omitempty"`
+ RunAsUserName *string `tfsdk:"run_as_user_name" json:"runAsUserName,omitempty"`
+ } `tfsdk:"windows_options" json:"windowsOptions,omitempty"`
+ } `tfsdk:"pod_security_context" json:"podSecurityContext,omitempty"`
+ Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
+ Resources *struct {
Claims *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
@@ -168,9 +196,37 @@ type TempoGrafanaComTempoStackV1Alpha1ManifestData struct {
} `tfsdk:"compactor" json:"compactor,omitempty"`
Distributor *struct {
Component *struct {
- NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
- Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
- Resources *struct {
+ NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
+ PodSecurityContext *struct {
+ FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
+ FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
+ RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
+ RunAsNonRoot *bool `tfsdk:"run_as_non_root" json:"runAsNonRoot,omitempty"`
+ RunAsUser *int64 `tfsdk:"run_as_user" json:"runAsUser,omitempty"`
+ SeLinuxOptions *struct {
+ Level *string `tfsdk:"level" json:"level,omitempty"`
+ Role *string `tfsdk:"role" json:"role,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ User *string `tfsdk:"user" json:"user,omitempty"`
+ } `tfsdk:"se_linux_options" json:"seLinuxOptions,omitempty"`
+ SeccompProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ Sysctls *[]struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *string `tfsdk:"value" json:"value,omitempty"`
+ } `tfsdk:"sysctls" json:"sysctls,omitempty"`
+ WindowsOptions *struct {
+ GmsaCredentialSpec *string `tfsdk:"gmsa_credential_spec" json:"gmsaCredentialSpec,omitempty"`
+ GmsaCredentialSpecName *string `tfsdk:"gmsa_credential_spec_name" json:"gmsaCredentialSpecName,omitempty"`
+ HostProcess *bool `tfsdk:"host_process" json:"hostProcess,omitempty"`
+ RunAsUserName *string `tfsdk:"run_as_user_name" json:"runAsUserName,omitempty"`
+ } `tfsdk:"windows_options" json:"windowsOptions,omitempty"`
+ } `tfsdk:"pod_security_context" json:"podSecurityContext,omitempty"`
+ Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
+ Resources *struct {
Claims *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
@@ -194,9 +250,37 @@ type TempoGrafanaComTempoStackV1Alpha1ManifestData struct {
} `tfsdk:"distributor" json:"distributor,omitempty"`
Gateway *struct {
Component *struct {
- NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
- Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
- Resources *struct {
+ NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
+ PodSecurityContext *struct {
+ FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
+ FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
+ RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
+ RunAsNonRoot *bool `tfsdk:"run_as_non_root" json:"runAsNonRoot,omitempty"`
+ RunAsUser *int64 `tfsdk:"run_as_user" json:"runAsUser,omitempty"`
+ SeLinuxOptions *struct {
+ Level *string `tfsdk:"level" json:"level,omitempty"`
+ Role *string `tfsdk:"role" json:"role,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ User *string `tfsdk:"user" json:"user,omitempty"`
+ } `tfsdk:"se_linux_options" json:"seLinuxOptions,omitempty"`
+ SeccompProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ Sysctls *[]struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *string `tfsdk:"value" json:"value,omitempty"`
+ } `tfsdk:"sysctls" json:"sysctls,omitempty"`
+ WindowsOptions *struct {
+ GmsaCredentialSpec *string `tfsdk:"gmsa_credential_spec" json:"gmsaCredentialSpec,omitempty"`
+ GmsaCredentialSpecName *string `tfsdk:"gmsa_credential_spec_name" json:"gmsaCredentialSpecName,omitempty"`
+ HostProcess *bool `tfsdk:"host_process" json:"hostProcess,omitempty"`
+ RunAsUserName *string `tfsdk:"run_as_user_name" json:"runAsUserName,omitempty"`
+ } `tfsdk:"windows_options" json:"windowsOptions,omitempty"`
+ } `tfsdk:"pod_security_context" json:"podSecurityContext,omitempty"`
+ Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
+ Resources *struct {
Claims *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
@@ -223,9 +307,37 @@ type TempoGrafanaComTempoStackV1Alpha1ManifestData struct {
} `tfsdk:"ingress" json:"ingress,omitempty"`
} `tfsdk:"gateway" json:"gateway,omitempty"`
Ingester *struct {
- NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
- Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
- Resources *struct {
+ NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
+ PodSecurityContext *struct {
+ FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
+ FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
+ RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
+ RunAsNonRoot *bool `tfsdk:"run_as_non_root" json:"runAsNonRoot,omitempty"`
+ RunAsUser *int64 `tfsdk:"run_as_user" json:"runAsUser,omitempty"`
+ SeLinuxOptions *struct {
+ Level *string `tfsdk:"level" json:"level,omitempty"`
+ Role *string `tfsdk:"role" json:"role,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ User *string `tfsdk:"user" json:"user,omitempty"`
+ } `tfsdk:"se_linux_options" json:"seLinuxOptions,omitempty"`
+ SeccompProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ Sysctls *[]struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *string `tfsdk:"value" json:"value,omitempty"`
+ } `tfsdk:"sysctls" json:"sysctls,omitempty"`
+ WindowsOptions *struct {
+ GmsaCredentialSpec *string `tfsdk:"gmsa_credential_spec" json:"gmsaCredentialSpec,omitempty"`
+ GmsaCredentialSpecName *string `tfsdk:"gmsa_credential_spec_name" json:"gmsaCredentialSpecName,omitempty"`
+ HostProcess *bool `tfsdk:"host_process" json:"hostProcess,omitempty"`
+ RunAsUserName *string `tfsdk:"run_as_user_name" json:"runAsUserName,omitempty"`
+ } `tfsdk:"windows_options" json:"windowsOptions,omitempty"`
+ } `tfsdk:"pod_security_context" json:"podSecurityContext,omitempty"`
+ Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
+ Resources *struct {
Claims *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
@@ -241,9 +353,37 @@ type TempoGrafanaComTempoStackV1Alpha1ManifestData struct {
} `tfsdk:"tolerations" json:"tolerations,omitempty"`
} `tfsdk:"ingester" json:"ingester,omitempty"`
Querier *struct {
- NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
- Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
- Resources *struct {
+ NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
+ PodSecurityContext *struct {
+ FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
+ FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
+ RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
+ RunAsNonRoot *bool `tfsdk:"run_as_non_root" json:"runAsNonRoot,omitempty"`
+ RunAsUser *int64 `tfsdk:"run_as_user" json:"runAsUser,omitempty"`
+ SeLinuxOptions *struct {
+ Level *string `tfsdk:"level" json:"level,omitempty"`
+ Role *string `tfsdk:"role" json:"role,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ User *string `tfsdk:"user" json:"user,omitempty"`
+ } `tfsdk:"se_linux_options" json:"seLinuxOptions,omitempty"`
+ SeccompProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ Sysctls *[]struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *string `tfsdk:"value" json:"value,omitempty"`
+ } `tfsdk:"sysctls" json:"sysctls,omitempty"`
+ WindowsOptions *struct {
+ GmsaCredentialSpec *string `tfsdk:"gmsa_credential_spec" json:"gmsaCredentialSpec,omitempty"`
+ GmsaCredentialSpecName *string `tfsdk:"gmsa_credential_spec_name" json:"gmsaCredentialSpecName,omitempty"`
+ HostProcess *bool `tfsdk:"host_process" json:"hostProcess,omitempty"`
+ RunAsUserName *string `tfsdk:"run_as_user_name" json:"runAsUserName,omitempty"`
+ } `tfsdk:"windows_options" json:"windowsOptions,omitempty"`
+ } `tfsdk:"pod_security_context" json:"podSecurityContext,omitempty"`
+ Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
+ Resources *struct {
Claims *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
@@ -260,9 +400,37 @@ type TempoGrafanaComTempoStackV1Alpha1ManifestData struct {
} `tfsdk:"querier" json:"querier,omitempty"`
QueryFrontend *struct {
Component *struct {
- NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
- Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
- Resources *struct {
+ NodeSelector *map[string]string `tfsdk:"node_selector" json:"nodeSelector,omitempty"`
+ PodSecurityContext *struct {
+ FsGroup *int64 `tfsdk:"fs_group" json:"fsGroup,omitempty"`
+ FsGroupChangePolicy *string `tfsdk:"fs_group_change_policy" json:"fsGroupChangePolicy,omitempty"`
+ RunAsGroup *int64 `tfsdk:"run_as_group" json:"runAsGroup,omitempty"`
+ RunAsNonRoot *bool `tfsdk:"run_as_non_root" json:"runAsNonRoot,omitempty"`
+ RunAsUser *int64 `tfsdk:"run_as_user" json:"runAsUser,omitempty"`
+ SeLinuxOptions *struct {
+ Level *string `tfsdk:"level" json:"level,omitempty"`
+ Role *string `tfsdk:"role" json:"role,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ User *string `tfsdk:"user" json:"user,omitempty"`
+ } `tfsdk:"se_linux_options" json:"seLinuxOptions,omitempty"`
+ SeccompProfile *struct {
+ LocalhostProfile *string `tfsdk:"localhost_profile" json:"localhostProfile,omitempty"`
+ Type *string `tfsdk:"type" json:"type,omitempty"`
+ } `tfsdk:"seccomp_profile" json:"seccompProfile,omitempty"`
+ SupplementalGroups *[]string `tfsdk:"supplemental_groups" json:"supplementalGroups,omitempty"`
+ Sysctls *[]struct {
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Value *string `tfsdk:"value" json:"value,omitempty"`
+ } `tfsdk:"sysctls" json:"sysctls,omitempty"`
+ WindowsOptions *struct {
+ GmsaCredentialSpec *string `tfsdk:"gmsa_credential_spec" json:"gmsaCredentialSpec,omitempty"`
+ GmsaCredentialSpecName *string `tfsdk:"gmsa_credential_spec_name" json:"gmsaCredentialSpecName,omitempty"`
+ HostProcess *bool `tfsdk:"host_process" json:"hostProcess,omitempty"`
+ RunAsUserName *string `tfsdk:"run_as_user_name" json:"runAsUserName,omitempty"`
+ } `tfsdk:"windows_options" json:"windowsOptions,omitempty"`
+ } `tfsdk:"pod_security_context" json:"podSecurityContext,omitempty"`
+ Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
+ Resources *struct {
Claims *[]struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
@@ -853,8 +1021,8 @@ func (r *TempoGrafanaComTempoStackV1Alpha1Manifest) Schema(_ context.Context, _
},
"replication_factor": schema.Int64Attribute{
- Description: "ReplicationFactor is used to define how many component replicas should exist.",
- MarkdownDescription: "ReplicationFactor is used to define how many component replicas should exist.",
+ Description: "The replication factor is a configuration setting that determines how many ingesters need to acknowledge the data from the distributors before accepting a span.",
+ MarkdownDescription: "The replication factor is a configuration setting that determines how many ingesters need to acknowledge the data from the distributors before accepting a span.",
Required: false,
Optional: true,
Computed: false,
@@ -1113,6 +1281,198 @@ func (r *TempoGrafanaComTempoStackV1Alpha1Manifest) Schema(_ context.Context, _
Computed: false,
},
+ "pod_security_context": schema.SingleNestedAttribute{
+ Description: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ MarkdownDescription: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ Attributes: map[string]schema.Attribute{
+ "fs_group": schema.Int64Attribute{
+ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "fs_group_change_policy": schema.StringAttribute{
+ Description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_group": schema.Int64Attribute{
+ Description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_non_root": schema.BoolAttribute{
+ Description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user": schema.Int64Attribute{
+ Description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "se_linux_options": schema.SingleNestedAttribute{
+ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "level": schema.StringAttribute{
+ Description: "Level is SELinux level label that applies to the container.",
+ MarkdownDescription: "Level is SELinux level label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "role": schema.StringAttribute{
+ Description: "Role is a SELinux role label that applies to the container.",
+ MarkdownDescription: "Role is a SELinux role label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "Type is a SELinux type label that applies to the container.",
+ MarkdownDescription: "Type is a SELinux type label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "user": schema.StringAttribute{
+ Description: "User is a SELinux user label that applies to the container.",
+ MarkdownDescription: "User is a SELinux user label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "seccomp_profile": schema.SingleNestedAttribute{
+ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ MarkdownDescription: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "supplemental_groups": schema.ListAttribute{
+ Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "sysctls": schema.ListNestedAttribute{
+ Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "Name of a property to set",
+ MarkdownDescription: "Name of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "value": schema.StringAttribute{
+ Description: "Value of a property to set",
+ MarkdownDescription: "Value of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "windows_options": schema.SingleNestedAttribute{
+ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ MarkdownDescription: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ Attributes: map[string]schema.Attribute{
+ "gmsa_credential_spec": schema.StringAttribute{
+ Description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ MarkdownDescription: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "gmsa_credential_spec_name": schema.StringAttribute{
+ Description: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ MarkdownDescription: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "host_process": schema.BoolAttribute{
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user_name": schema.StringAttribute{
+ Description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"replicas": schema.Int64Attribute{
Description: "Replicas defines the number of replicas to be created for this component.",
MarkdownDescription: "Replicas defines the number of replicas to be created for this component.",
@@ -1240,6 +1600,198 @@ func (r *TempoGrafanaComTempoStackV1Alpha1Manifest) Schema(_ context.Context, _
Computed: false,
},
+ "pod_security_context": schema.SingleNestedAttribute{
+ Description: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ MarkdownDescription: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ Attributes: map[string]schema.Attribute{
+ "fs_group": schema.Int64Attribute{
+ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "fs_group_change_policy": schema.StringAttribute{
+ Description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_group": schema.Int64Attribute{
+ Description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_non_root": schema.BoolAttribute{
+ Description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user": schema.Int64Attribute{
+ Description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "se_linux_options": schema.SingleNestedAttribute{
+ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "level": schema.StringAttribute{
+ Description: "Level is SELinux level label that applies to the container.",
+ MarkdownDescription: "Level is SELinux level label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "role": schema.StringAttribute{
+ Description: "Role is a SELinux role label that applies to the container.",
+ MarkdownDescription: "Role is a SELinux role label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "Type is a SELinux type label that applies to the container.",
+ MarkdownDescription: "Type is a SELinux type label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "user": schema.StringAttribute{
+ Description: "User is a SELinux user label that applies to the container.",
+ MarkdownDescription: "User is a SELinux user label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "seccomp_profile": schema.SingleNestedAttribute{
+ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ MarkdownDescription: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "supplemental_groups": schema.ListAttribute{
+ Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "sysctls": schema.ListNestedAttribute{
+ Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "Name of a property to set",
+ MarkdownDescription: "Name of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "value": schema.StringAttribute{
+ Description: "Value of a property to set",
+ MarkdownDescription: "Value of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "windows_options": schema.SingleNestedAttribute{
+ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ MarkdownDescription: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ Attributes: map[string]schema.Attribute{
+ "gmsa_credential_spec": schema.StringAttribute{
+ Description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ MarkdownDescription: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "gmsa_credential_spec_name": schema.StringAttribute{
+ Description: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ MarkdownDescription: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "host_process": schema.BoolAttribute{
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user_name": schema.StringAttribute{
+ Description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"replicas": schema.Int64Attribute{
Description: "Replicas defines the number of replicas to be created for this component.",
MarkdownDescription: "Replicas defines the number of replicas to be created for this component.",
@@ -1413,10 +1965,202 @@ func (r *TempoGrafanaComTempoStackV1Alpha1Manifest) Schema(_ context.Context, _
Computed: false,
},
- "replicas": schema.Int64Attribute{
- Description: "Replicas defines the number of replicas to be created for this component.",
- MarkdownDescription: "Replicas defines the number of replicas to be created for this component.",
- Required: false,
+ "pod_security_context": schema.SingleNestedAttribute{
+ Description: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ MarkdownDescription: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ Attributes: map[string]schema.Attribute{
+ "fs_group": schema.Int64Attribute{
+ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "fs_group_change_policy": schema.StringAttribute{
+ Description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_group": schema.Int64Attribute{
+ Description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_non_root": schema.BoolAttribute{
+ Description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user": schema.Int64Attribute{
+ Description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "se_linux_options": schema.SingleNestedAttribute{
+ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "level": schema.StringAttribute{
+ Description: "Level is SELinux level label that applies to the container.",
+ MarkdownDescription: "Level is SELinux level label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "role": schema.StringAttribute{
+ Description: "Role is a SELinux role label that applies to the container.",
+ MarkdownDescription: "Role is a SELinux role label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "Type is a SELinux type label that applies to the container.",
+ MarkdownDescription: "Type is a SELinux type label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "user": schema.StringAttribute{
+ Description: "User is a SELinux user label that applies to the container.",
+ MarkdownDescription: "User is a SELinux user label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "seccomp_profile": schema.SingleNestedAttribute{
+ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ MarkdownDescription: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "supplemental_groups": schema.ListAttribute{
+ Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "sysctls": schema.ListNestedAttribute{
+ Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "Name of a property to set",
+ MarkdownDescription: "Name of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "value": schema.StringAttribute{
+ Description: "Value of a property to set",
+ MarkdownDescription: "Value of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "windows_options": schema.SingleNestedAttribute{
+ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ MarkdownDescription: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ Attributes: map[string]schema.Attribute{
+ "gmsa_credential_spec": schema.StringAttribute{
+ Description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ MarkdownDescription: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "gmsa_credential_spec_name": schema.StringAttribute{
+ Description: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ MarkdownDescription: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "host_process": schema.BoolAttribute{
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user_name": schema.StringAttribute{
+ Description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "replicas": schema.Int64Attribute{
+ Description: "Replicas defines the number of replicas to be created for this component.",
+ MarkdownDescription: "Replicas defines the number of replicas to be created for this component.",
+ Required: false,
Optional: true,
Computed: false,
},
@@ -1614,6 +2358,198 @@ func (r *TempoGrafanaComTempoStackV1Alpha1Manifest) Schema(_ context.Context, _
Computed: false,
},
+ "pod_security_context": schema.SingleNestedAttribute{
+ Description: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ MarkdownDescription: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ Attributes: map[string]schema.Attribute{
+ "fs_group": schema.Int64Attribute{
+ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "fs_group_change_policy": schema.StringAttribute{
+ Description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_group": schema.Int64Attribute{
+ Description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_non_root": schema.BoolAttribute{
+ Description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user": schema.Int64Attribute{
+ Description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "se_linux_options": schema.SingleNestedAttribute{
+ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "level": schema.StringAttribute{
+ Description: "Level is SELinux level label that applies to the container.",
+ MarkdownDescription: "Level is SELinux level label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "role": schema.StringAttribute{
+ Description: "Role is a SELinux role label that applies to the container.",
+ MarkdownDescription: "Role is a SELinux role label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "Type is a SELinux type label that applies to the container.",
+ MarkdownDescription: "Type is a SELinux type label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "user": schema.StringAttribute{
+ Description: "User is a SELinux user label that applies to the container.",
+ MarkdownDescription: "User is a SELinux user label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "seccomp_profile": schema.SingleNestedAttribute{
+ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ MarkdownDescription: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "supplemental_groups": schema.ListAttribute{
+ Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "sysctls": schema.ListNestedAttribute{
+ Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "Name of a property to set",
+ MarkdownDescription: "Name of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "value": schema.StringAttribute{
+ Description: "Value of a property to set",
+ MarkdownDescription: "Value of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "windows_options": schema.SingleNestedAttribute{
+ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ MarkdownDescription: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ Attributes: map[string]schema.Attribute{
+ "gmsa_credential_spec": schema.StringAttribute{
+ Description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ MarkdownDescription: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "gmsa_credential_spec_name": schema.StringAttribute{
+ Description: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ MarkdownDescription: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "host_process": schema.BoolAttribute{
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user_name": schema.StringAttribute{
+ Description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"replicas": schema.Int64Attribute{
Description: "Replicas defines the number of replicas to be created for this component.",
MarkdownDescription: "Replicas defines the number of replicas to be created for this component.",
@@ -1737,6 +2673,198 @@ func (r *TempoGrafanaComTempoStackV1Alpha1Manifest) Schema(_ context.Context, _
Computed: false,
},
+ "pod_security_context": schema.SingleNestedAttribute{
+ Description: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ MarkdownDescription: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ Attributes: map[string]schema.Attribute{
+ "fs_group": schema.Int64Attribute{
+ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "fs_group_change_policy": schema.StringAttribute{
+ Description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_group": schema.Int64Attribute{
+ Description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_non_root": schema.BoolAttribute{
+ Description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user": schema.Int64Attribute{
+ Description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "se_linux_options": schema.SingleNestedAttribute{
+ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "level": schema.StringAttribute{
+ Description: "Level is SELinux level label that applies to the container.",
+ MarkdownDescription: "Level is SELinux level label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "role": schema.StringAttribute{
+ Description: "Role is a SELinux role label that applies to the container.",
+ MarkdownDescription: "Role is a SELinux role label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "Type is a SELinux type label that applies to the container.",
+ MarkdownDescription: "Type is a SELinux type label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "user": schema.StringAttribute{
+ Description: "User is a SELinux user label that applies to the container.",
+ MarkdownDescription: "User is a SELinux user label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "seccomp_profile": schema.SingleNestedAttribute{
+ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ MarkdownDescription: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "supplemental_groups": schema.ListAttribute{
+ Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "sysctls": schema.ListNestedAttribute{
+ Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "Name of a property to set",
+ MarkdownDescription: "Name of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "value": schema.StringAttribute{
+ Description: "Value of a property to set",
+ MarkdownDescription: "Value of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "windows_options": schema.SingleNestedAttribute{
+ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ MarkdownDescription: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ Attributes: map[string]schema.Attribute{
+ "gmsa_credential_spec": schema.StringAttribute{
+ Description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ MarkdownDescription: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "gmsa_credential_spec_name": schema.StringAttribute{
+ Description: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ MarkdownDescription: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "host_process": schema.BoolAttribute{
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user_name": schema.StringAttribute{
+ Description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"replicas": schema.Int64Attribute{
Description: "Replicas defines the number of replicas to be created for this component.",
MarkdownDescription: "Replicas defines the number of replicas to be created for this component.",
@@ -1864,6 +2992,198 @@ func (r *TempoGrafanaComTempoStackV1Alpha1Manifest) Schema(_ context.Context, _
Computed: false,
},
+ "pod_security_context": schema.SingleNestedAttribute{
+ Description: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ MarkdownDescription: "PodSecurityContext defines security context will be applied to all pods of this component.",
+ Attributes: map[string]schema.Attribute{
+ "fs_group": schema.Int64Attribute{
+ Description: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A special supplemental group that applies to all containers in a pod. Some volume types allow the Kubelet to change the ownership of that volume to be owned by the pod: 1. The owning GID will be the FSGroup 2. The setgid bit is set (new files created in the volume will be owned by FSGroup) 3. The permission bits are OR'd with rw-rw---- If unset, the Kubelet will not modify the ownership and permissions of any volume. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "fs_group_change_policy": schema.StringAttribute{
+ Description: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "fsGroupChangePolicy defines behavior of changing ownership and permission of the volume before being exposed inside Pod. This field will only apply to volume types which support fsGroup based ownership(and permissions). It will have no effect on ephemeral volume types such as: secret, configmaps and emptydir. Valid values are 'OnRootMismatch' and 'Always'. If not specified, 'Always' is used. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_group": schema.Int64Attribute{
+ Description: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The GID to run the entrypoint of the container process. Uses runtime default if unset. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_non_root": schema.BoolAttribute{
+ Description: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "Indicates that the container must run as a non-root user. If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does. If unset or false, no such validation will be performed. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user": schema.Int64Attribute{
+ Description: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The UID to run the entrypoint of the container process. Defaults to user specified in image metadata if unspecified. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "se_linux_options": schema.SingleNestedAttribute{
+ Description: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The SELinux context to be applied to all containers. If unspecified, the container runtime will allocate a random SELinux context for each container. May also be set in SecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence for that container. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "level": schema.StringAttribute{
+ Description: "Level is SELinux level label that applies to the container.",
+ MarkdownDescription: "Level is SELinux level label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "role": schema.StringAttribute{
+ Description: "Role is a SELinux role label that applies to the container.",
+ MarkdownDescription: "Role is a SELinux role label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "Type is a SELinux type label that applies to the container.",
+ MarkdownDescription: "Type is a SELinux type label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "user": schema.StringAttribute{
+ Description: "User is a SELinux user label that applies to the container.",
+ MarkdownDescription: "User is a SELinux user label that applies to the container.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "seccomp_profile": schema.SingleNestedAttribute{
+ Description: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "The seccomp options to use by the containers in this pod. Note that this field cannot be set when spec.os.name is windows.",
+ Attributes: map[string]schema.Attribute{
+ "localhost_profile": schema.StringAttribute{
+ Description: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ MarkdownDescription: "localhostProfile indicates a profile defined in a file on the node should be used. The profile must be preconfigured on the node to work. Must be a descending path, relative to the kubelet's configured seccomp profile location. Must be set if type is 'Localhost'. Must NOT be set for any other type.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "type": schema.StringAttribute{
+ Description: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ MarkdownDescription: "type indicates which kind of seccomp profile will be applied. Valid options are: Localhost - a profile defined in a file on the node should be used. RuntimeDefault - the container runtime default profile should be used. Unconfined - no profile should be applied.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "supplemental_groups": schema.ListAttribute{
+ Description: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "A list of groups applied to the first process run in each container, in addition to the container's primary GID, the fsGroup (if specified), and group memberships defined in the container image for the uid of the container process. If unspecified, no additional groups are added to any container. Note that group memberships defined in the container image for the uid of the container process are still effective, even if they are not included in this list. Note that this field cannot be set when spec.os.name is windows.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "sysctls": schema.ListNestedAttribute{
+ Description: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ MarkdownDescription: "Sysctls hold a list of namespaced sysctls used for the pod. Pods with unsupported sysctls (by the container runtime) might fail to launch. Note that this field cannot be set when spec.os.name is windows.",
+ NestedObject: schema.NestedAttributeObject{
+ Attributes: map[string]schema.Attribute{
+ "name": schema.StringAttribute{
+ Description: "Name of a property to set",
+ MarkdownDescription: "Name of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "value": schema.StringAttribute{
+ Description: "Value of a property to set",
+ MarkdownDescription: "Value of a property to set",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "windows_options": schema.SingleNestedAttribute{
+ Description: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ MarkdownDescription: "The Windows specific settings applied to all containers. If unspecified, the options within a container's SecurityContext will be used. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence. Note that this field cannot be set when spec.os.name is linux.",
+ Attributes: map[string]schema.Attribute{
+ "gmsa_credential_spec": schema.StringAttribute{
+ Description: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ MarkdownDescription: "GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "gmsa_credential_spec_name": schema.StringAttribute{
+ Description: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ MarkdownDescription: "GMSACredentialSpecName is the name of the GMSA credential spec to use.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "host_process": schema.BoolAttribute{
+ Description: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ MarkdownDescription: "HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "run_as_user_name": schema.StringAttribute{
+ Description: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ MarkdownDescription: "The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"replicas": schema.Int64Attribute{
Description: "Replicas defines the number of replicas to be created for this component.",
MarkdownDescription: "Replicas defines the number of replicas to be created for this component.",
diff --git a/internal/provider/temporal_io_v1beta1/temporal_io_temporal_cluster_v1beta1_manifest.go b/internal/provider/temporal_io_v1beta1/temporal_io_temporal_cluster_v1beta1_manifest.go
index d81ac6b3b..b3af863a4 100644
--- a/internal/provider/temporal_io_v1beta1/temporal_io_temporal_cluster_v1beta1_manifest.go
+++ b/internal/provider/temporal_io_v1beta1/temporal_io_temporal_cluster_v1beta1_manifest.go
@@ -67,7 +67,8 @@ type TemporalIoTemporalClusterV1Beta1ManifestData struct {
} `tfsdk:"overrides" json:"overrides,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -140,7 +141,8 @@ type TemporalIoTemporalClusterV1Beta1ManifestData struct {
JobInitContainers *[]map[string]string `tfsdk:"job_init_containers" json:"jobInitContainers,omitempty"`
JobResources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -259,9 +261,48 @@ type TemporalIoTemporalClusterV1Beta1ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
} `tfsdk:"client_secret" json:"clientSecret,omitempty"`
- EndpointParams *map[string]string `tfsdk:"endpoint_params" json:"endpointParams,omitempty"`
- Scopes *[]string `tfsdk:"scopes" json:"scopes,omitempty"`
- TokenUrl *string `tfsdk:"token_url" json:"tokenUrl,omitempty"`
+ EndpointParams *map[string]string `tfsdk:"endpoint_params" json:"endpointParams,omitempty"`
+ NoProxy *string `tfsdk:"no_proxy" json:"noProxy,omitempty"`
+ ProxyConnectHeader *map[string]string `tfsdk:"proxy_connect_header" json:"proxyConnectHeader,omitempty"`
+ ProxyFromEnvironment *bool `tfsdk:"proxy_from_environment" json:"proxyFromEnvironment,omitempty"`
+ ProxyUrl *string `tfsdk:"proxy_url" json:"proxyUrl,omitempty"`
+ Scopes *[]string `tfsdk:"scopes" json:"scopes,omitempty"`
+ TlsConfig *struct {
+ Ca *struct {
+ ConfigMap *struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ } `tfsdk:"config_map" json:"configMap,omitempty"`
+ Secret *struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ } `tfsdk:"secret" json:"secret,omitempty"`
+ } `tfsdk:"ca" json:"ca,omitempty"`
+ Cert *struct {
+ ConfigMap *struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ } `tfsdk:"config_map" json:"configMap,omitempty"`
+ Secret *struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ } `tfsdk:"secret" json:"secret,omitempty"`
+ } `tfsdk:"cert" json:"cert,omitempty"`
+ InsecureSkipVerify *bool `tfsdk:"insecure_skip_verify" json:"insecureSkipVerify,omitempty"`
+ KeySecret *struct {
+ Key *string `tfsdk:"key" json:"key,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
+ } `tfsdk:"key_secret" json:"keySecret,omitempty"`
+ MaxVersion *string `tfsdk:"max_version" json:"maxVersion,omitempty"`
+ MinVersion *string `tfsdk:"min_version" json:"minVersion,omitempty"`
+ ServerName *string `tfsdk:"server_name" json:"serverName,omitempty"`
+ } `tfsdk:"tls_config" json:"tlsConfig,omitempty"`
+ TokenUrl *string `tfsdk:"token_url" json:"tokenUrl,omitempty"`
} `tfsdk:"oauth2" json:"oauth2,omitempty"`
Params *map[string][]string `tfsdk:"params" json:"params,omitempty"`
Path *string `tfsdk:"path" json:"path,omitempty"`
@@ -313,6 +354,8 @@ type TemporalIoTemporalClusterV1Beta1ManifestData struct {
Name *string `tfsdk:"name" json:"name,omitempty"`
Optional *bool `tfsdk:"optional" json:"optional,omitempty"`
} `tfsdk:"key_secret" json:"keySecret,omitempty"`
+ MaxVersion *string `tfsdk:"max_version" json:"maxVersion,omitempty"`
+ MinVersion *string `tfsdk:"min_version" json:"minVersion,omitempty"`
ServerName *string `tfsdk:"server_name" json:"serverName,omitempty"`
} `tfsdk:"tls_config" json:"tlsConfig,omitempty"`
TrackTimestampsStaleness *bool `tfsdk:"track_timestamps_staleness" json:"trackTimestampsStaleness,omitempty"`
@@ -634,7 +677,8 @@ type TemporalIoTemporalClusterV1Beta1ManifestData struct {
Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -665,7 +709,8 @@ type TemporalIoTemporalClusterV1Beta1ManifestData struct {
Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -697,7 +742,8 @@ type TemporalIoTemporalClusterV1Beta1ManifestData struct {
Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -728,7 +774,8 @@ type TemporalIoTemporalClusterV1Beta1ManifestData struct {
Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -776,7 +823,8 @@ type TemporalIoTemporalClusterV1Beta1ManifestData struct {
Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -815,7 +863,8 @@ type TemporalIoTemporalClusterV1Beta1ManifestData struct {
Replicas *int64 `tfsdk:"replicas" json:"replicas,omitempty"`
Resources *struct {
Claims *[]struct {
- Name *string `tfsdk:"name" json:"name,omitempty"`
+ Name *string `tfsdk:"name" json:"name,omitempty"`
+ Request *string `tfsdk:"request" json:"request,omitempty"`
} `tfsdk:"claims" json:"claims,omitempty"`
Limits *map[string]string `tfsdk:"limits" json:"limits,omitempty"`
Requests *map[string]string `tfsdk:"requests" json:"requests,omitempty"`
@@ -1042,6 +1091,14 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -1184,8 +1241,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -1230,8 +1287,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -1263,8 +1320,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -1475,8 +1532,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -1513,6 +1570,14 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -1908,8 +1973,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "'attachMetadata' defines additional metadata which is added to the discovered targets. It requires Prometheus >= v2.37.0.",
Attributes: map[string]schema.Attribute{
"node": schema.BoolAttribute{
- Description: "When set to true, Prometheus must have the 'get' permission on the 'Nodes' objects.",
- MarkdownDescription: "When set to true, Prometheus must have the 'get' permission on the 'Nodes' objects.",
+ Description: "When set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the 'list' and 'watch' permissions on the 'Nodes' objects.",
+ MarkdownDescription: "When set to true, Prometheus attaches node metadata to the discovered targets. The Prometheus service account must have the 'list' and 'watch' permissions on the 'Nodes' objects.",
Required: false,
Optional: true,
Computed: false,
@@ -1932,8 +1997,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"endpoints": schema.ListNestedAttribute{
- Description: "List of endpoints part of this ServiceMonitor.",
- MarkdownDescription: "List of endpoints part of this ServiceMonitor.",
+ Description: "List of endpoints part of this ServiceMonitor. Defines how to scrape metrics from Kubernetes [Endpoints](https://kubernetes.io/docs/concepts/services-networking/service/#endpoints) objects. In most cases, an Endpoints object is backed by a Kubernetes [Service](https://kubernetes.io/docs/concepts/services-networking/service/) object with the same name and labels.",
+ MarkdownDescription: "List of endpoints part of this ServiceMonitor. Defines how to scrape metrics from Kubernetes [Endpoints](https://kubernetes.io/docs/concepts/services-networking/service/#endpoints) objects. In most cases, an Endpoints object is backed by a Kubernetes [Service](https://kubernetes.io/docs/concepts/services-networking/service/) object with the same name and labels.",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"authorization": schema.SingleNestedAttribute{
@@ -1953,8 +2018,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2003,8 +2068,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2036,8 +2101,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2082,8 +2147,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2245,8 +2310,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2278,8 +2343,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2316,8 +2381,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2345,6 +2410,42 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "no_proxy": schema.StringAttribute{
+ Description: "'noProxy' is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.",
+ MarkdownDescription: "'noProxy' is a comma-separated string that can contain IPs, CIDR notation, domain names that should be excluded from proxying. IP and domain names can contain port numbers. It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "proxy_connect_header": schema.MapAttribute{
+ Description: "ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.",
+ MarkdownDescription: "ProxyConnectHeader optionally specifies headers to send to proxies during CONNECT requests. It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "proxy_from_environment": schema.BoolAttribute{
+ Description: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.",
+ MarkdownDescription: "Whether to use the proxy configuration defined by environment variables (HTTP_PROXY, HTTPS_PROXY, and NO_PROXY). It requires Prometheus >= v2.43.0 or Alertmanager >= 0.25.0.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "proxy_url": schema.StringAttribute{
+ Description: "'proxyURL' defines the HTTP proxy server to use.",
+ MarkdownDescription: "'proxyURL' defines the HTTP proxy server to use.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.RegexMatches(regexp.MustCompile(`^http(s)?://.+$`), ""),
+ },
+ },
+
"scopes": schema.ListAttribute{
Description: "'scopes' defines the OAuth2 scopes used for the token request.",
MarkdownDescription: "'scopes' defines the OAuth2 scopes used for the token request.",
@@ -2354,6 +2455,236 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "tls_config": schema.SingleNestedAttribute{
+ Description: "TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0.",
+ MarkdownDescription: "TLS configuration to use when connecting to the OAuth2 server. It requires Prometheus >= v2.43.0.",
+ Attributes: map[string]schema.Attribute{
+ "ca": schema.SingleNestedAttribute{
+ Description: "Certificate authority used when verifying server certificates.",
+ MarkdownDescription: "Certificate authority used when verifying server certificates.",
+ Attributes: map[string]schema.Attribute{
+ "config_map": schema.SingleNestedAttribute{
+ Description: "ConfigMap containing data to use for the targets.",
+ MarkdownDescription: "ConfigMap containing data to use for the targets.",
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "The key to select.",
+ MarkdownDescription: "The key to select.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "Specify whether the ConfigMap or its key must be defined",
+ MarkdownDescription: "Specify whether the ConfigMap or its key must be defined",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "secret": schema.SingleNestedAttribute{
+ Description: "Secret containing data to use for the targets.",
+ MarkdownDescription: "Secret containing data to use for the targets.",
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "The key of the secret to select from. Must be a valid secret key.",
+ MarkdownDescription: "The key of the secret to select from. Must be a valid secret key.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "Specify whether the Secret or its key must be defined",
+ MarkdownDescription: "Specify whether the Secret or its key must be defined",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "cert": schema.SingleNestedAttribute{
+ Description: "Client certificate to present when doing client-authentication.",
+ MarkdownDescription: "Client certificate to present when doing client-authentication.",
+ Attributes: map[string]schema.Attribute{
+ "config_map": schema.SingleNestedAttribute{
+ Description: "ConfigMap containing data to use for the targets.",
+ MarkdownDescription: "ConfigMap containing data to use for the targets.",
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "The key to select.",
+ MarkdownDescription: "The key to select.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "Specify whether the ConfigMap or its key must be defined",
+ MarkdownDescription: "Specify whether the ConfigMap or its key must be defined",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "secret": schema.SingleNestedAttribute{
+ Description: "Secret containing data to use for the targets.",
+ MarkdownDescription: "Secret containing data to use for the targets.",
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "The key of the secret to select from. Must be a valid secret key.",
+ MarkdownDescription: "The key of the secret to select from. Must be a valid secret key.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "Specify whether the Secret or its key must be defined",
+ MarkdownDescription: "Specify whether the Secret or its key must be defined",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "insecure_skip_verify": schema.BoolAttribute{
+ Description: "Disable target certificate validation.",
+ MarkdownDescription: "Disable target certificate validation.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "key_secret": schema.SingleNestedAttribute{
+ Description: "Secret containing the client key file for the targets.",
+ MarkdownDescription: "Secret containing the client key file for the targets.",
+ Attributes: map[string]schema.Attribute{
+ "key": schema.StringAttribute{
+ Description: "The key of the secret to select from. Must be a valid secret key.",
+ MarkdownDescription: "The key of the secret to select from. Must be a valid secret key.",
+ Required: true,
+ Optional: false,
+ Computed: false,
+ },
+
+ "name": schema.StringAttribute{
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "optional": schema.BoolAttribute{
+ Description: "Specify whether the Secret or its key must be defined",
+ MarkdownDescription: "Specify whether the Secret or its key must be defined",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "max_version": schema.StringAttribute{
+ Description: "Maximum acceptable TLS version. It requires Prometheus >= v2.41.0.",
+ MarkdownDescription: "Maximum acceptable TLS version. It requires Prometheus >= v2.41.0.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("TLS10", "TLS11", "TLS12", "TLS13"),
+ },
+ },
+
+ "min_version": schema.StringAttribute{
+ Description: "Minimum acceptable TLS version. It requires Prometheus >= v2.35.0.",
+ MarkdownDescription: "Minimum acceptable TLS version. It requires Prometheus >= v2.35.0.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("TLS10", "TLS11", "TLS12", "TLS13"),
+ },
+ },
+
+ "server_name": schema.StringAttribute{
+ Description: "Used to verify the hostname for the targets.",
+ MarkdownDescription: "Used to verify the hostname for the targets.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"token_url": schema.StringAttribute{
Description: "'tokenURL' configures the URL to fetch the token from.",
MarkdownDescription: "'tokenURL' configures the URL to fetch the token from.",
@@ -2525,8 +2856,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2558,8 +2889,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2608,8 +2939,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2641,8 +2972,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2703,8 +3034,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -2723,6 +3054,28 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
Computed: false,
},
+ "max_version": schema.StringAttribute{
+ Description: "Maximum acceptable TLS version. It requires Prometheus >= v2.41.0.",
+ MarkdownDescription: "Maximum acceptable TLS version. It requires Prometheus >= v2.41.0.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("TLS10", "TLS11", "TLS12", "TLS13"),
+ },
+ },
+
+ "min_version": schema.StringAttribute{
+ Description: "Minimum acceptable TLS version. It requires Prometheus >= v2.35.0.",
+ MarkdownDescription: "Minimum acceptable TLS version. It requires Prometheus >= v2.35.0.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ Validators: []validator.String{
+ stringvalidator.OneOf("TLS10", "TLS11", "TLS12", "TLS13"),
+ },
+ },
+
"server_name": schema.StringAttribute{
Description: "Used to verify the hostname for the targets.",
MarkdownDescription: "Used to verify the hostname for the targets.",
@@ -2745,8 +3098,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
},
},
- Required: false,
- Optional: true,
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -2791,8 +3144,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"namespace_selector": schema.SingleNestedAttribute{
- Description: "Selector to select which namespaces the Kubernetes 'Endpoints' objects are discovered from.",
- MarkdownDescription: "Selector to select which namespaces the Kubernetes 'Endpoints' objects are discovered from.",
+ Description: "'namespaceSelector' defines in which namespace(s) Prometheus should discover the services. By default, the services are discovered in the same namespace as the 'ServiceMonitor' object but it is possible to select pods across different/all namespaces.",
+ MarkdownDescription: "'namespaceSelector' defines in which namespace(s) Prometheus should discover the services. By default, the services are discovered in the same namespace as the 'ServiceMonitor' object but it is possible to select pods across different/all namespaces.",
Attributes: map[string]schema.Attribute{
"any": schema.BoolAttribute{
Description: "Boolean describing whether all namespaces are selected in contrast to a list restricting them.",
@@ -2854,8 +3207,8 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
},
"selector": schema.SingleNestedAttribute{
- Description: "Label selector to select the Kubernetes 'Endpoints' objects.",
- MarkdownDescription: "Label selector to select the Kubernetes 'Endpoints' objects.",
+ Description: "Label selector to select the Kubernetes 'Endpoints' objects to scrape metrics from.",
+ MarkdownDescription: "Label selector to select the Kubernetes 'Endpoints' objects to scrape metrics from.",
Attributes: map[string]schema.Attribute{
"match_expressions": schema.ListNestedAttribute{
Description: "matchExpressions is a list of label selector requirements. The requirements are ANDed.",
@@ -4976,6 +5329,14 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -5174,6 +5535,14 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -5380,6 +5749,14 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -5578,6 +5955,14 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -5875,6 +6260,14 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
@@ -6124,6 +6517,14 @@ func (r *TemporalIoTemporalClusterV1Beta1Manifest) Schema(_ context.Context, _ d
Optional: false,
Computed: false,
},
+
+ "request": schema.StringAttribute{
+ Description: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ MarkdownDescription: "Request is the name chosen for a request in the referenced claim. If empty, everything from the claim is made available, otherwise only the result of this request.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
},
},
Required: false,
diff --git a/internal/provider/tinkerbell_org_v1alpha1/tinkerbell_org_workflow_v1alpha1_manifest.go b/internal/provider/tinkerbell_org_v1alpha1/tinkerbell_org_workflow_v1alpha1_manifest.go
index a240c8c2d..f9b25b612 100644
--- a/internal/provider/tinkerbell_org_v1alpha1/tinkerbell_org_workflow_v1alpha1_manifest.go
+++ b/internal/provider/tinkerbell_org_v1alpha1/tinkerbell_org_workflow_v1alpha1_manifest.go
@@ -43,6 +43,10 @@ type TinkerbellOrgWorkflowV1Alpha1ManifestData struct {
} `tfsdk:"metadata" json:"metadata"`
Spec *struct {
+ BootOptions *struct {
+ OneTimeNetboot *bool `tfsdk:"one_time_netboot" json:"oneTimeNetboot,omitempty"`
+ ToggleAllowNetboot *bool `tfsdk:"toggle_allow_netboot" json:"toggleAllowNetboot,omitempty"`
+ } `tfsdk:"boot_options" json:"bootOptions,omitempty"`
HardwareMap *map[string]string `tfsdk:"hardware_map" json:"hardwareMap,omitempty"`
HardwareRef *string `tfsdk:"hardware_ref" json:"hardwareRef,omitempty"`
TemplateRef *string `tfsdk:"template_ref" json:"templateRef,omitempty"`
@@ -126,9 +130,34 @@ func (r *TinkerbellOrgWorkflowV1Alpha1Manifest) Schema(_ context.Context, _ data
Description: "WorkflowSpec defines the desired state of Workflow.",
MarkdownDescription: "WorkflowSpec defines the desired state of Workflow.",
Attributes: map[string]schema.Attribute{
+ "boot_options": schema.SingleNestedAttribute{
+ Description: "BootOptions are options that control the booting of Hardware.",
+ MarkdownDescription: "BootOptions are options that control the booting of Hardware.",
+ Attributes: map[string]schema.Attribute{
+ "one_time_netboot": schema.BoolAttribute{
+ Description: "OneTimeNetboot indicates whether the controller should create a job.bmc.tinkerbell.org object for getting the associated hardware into a netbooting state. A HardwareRef that contains a spec.BmcRef must be provided.",
+ MarkdownDescription: "OneTimeNetboot indicates whether the controller should create a job.bmc.tinkerbell.org object for getting the associated hardware into a netbooting state. A HardwareRef that contains a spec.BmcRef must be provided.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
+ "toggle_allow_netboot": schema.BoolAttribute{
+ Description: "ToggleAllowNetboot indicates whether the controller should toggle the field in the associated hardware for allowing PXE booting. This will be enabled before a Workflow is executed and disabled after the Workflow has completed successfully. A HardwareRef must be provided.",
+ MarkdownDescription: "ToggleAllowNetboot indicates whether the controller should toggle the field in the associated hardware for allowing PXE booting. This will be enabled before a Workflow is executed and disabled after the Workflow has completed successfully. A HardwareRef must be provided.",
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+ },
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"hardware_map": schema.MapAttribute{
- Description: "A mapping of template devices to hadware mac addresses",
- MarkdownDescription: "A mapping of template devices to hadware mac addresses",
+ Description: "A mapping of template devices to hadware mac addresses.",
+ MarkdownDescription: "A mapping of template devices to hadware mac addresses.",
ElementType: types.StringType,
Required: false,
Optional: true,
diff --git a/internal/provider/tinkerbell_org_v1alpha2/tinkerbell_org_hardware_v1alpha2_manifest.go b/internal/provider/tinkerbell_org_v1alpha2/tinkerbell_org_hardware_v1alpha2_manifest.go
index ec2915e23..1589fa7d0 100644
--- a/internal/provider/tinkerbell_org_v1alpha2/tinkerbell_org_hardware_v1alpha2_manifest.go
+++ b/internal/provider/tinkerbell_org_v1alpha2/tinkerbell_org_hardware_v1alpha2_manifest.go
@@ -160,8 +160,8 @@ func (r *TinkerbellOrgHardwareV1Alpha2Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "BMCRef references a Rufio Machine object.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -352,8 +352,8 @@ func (r *TinkerbellOrgHardwareV1Alpha2Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "OSIE describes the Operating System Installation Environment to be netbooted.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/tinkerbell_org_v1alpha2/tinkerbell_org_workflow_v1alpha2_manifest.go b/internal/provider/tinkerbell_org_v1alpha2/tinkerbell_org_workflow_v1alpha2_manifest.go
index 3d917a4df..f37e274f9 100644
--- a/internal/provider/tinkerbell_org_v1alpha2/tinkerbell_org_workflow_v1alpha2_manifest.go
+++ b/internal/provider/tinkerbell_org_v1alpha2/tinkerbell_org_workflow_v1alpha2_manifest.go
@@ -137,8 +137,8 @@ func (r *TinkerbellOrgWorkflowV1Alpha2Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "HardwareRef is a reference to a Hardware resource this workflow will execute on.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
@@ -163,8 +163,8 @@ func (r *TinkerbellOrgWorkflowV1Alpha2Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "TemplateRef is a reference to a Template resource used to render workflow actions.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
- MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. TODO: Add other useful fields. apiVersion, kind, uid? More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names TODO: Drop 'kubebuilder:default' when controller-gen doesn't need it https://github.com/kubernetes-sigs/kubebuilder/issues/3896.",
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_tcp_v1alpha1_manifest.go b/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_tcp_v1alpha1_manifest.go
index a5d11afb5..0cb862868 100644
--- a/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_tcp_v1alpha1_manifest.go
+++ b/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_tcp_v1alpha1_manifest.go
@@ -165,8 +165,8 @@ func (r *TraefikIoIngressRouteTcpV1Alpha1Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "IngressRouteTCPSpec defines the desired state of IngressRouteTCP.",
Attributes: map[string]schema.Attribute{
"entry_points": schema.ListAttribute{
- Description: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/ Default: all.",
- MarkdownDescription: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/ Default: all.",
+ Description: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ Default: all.",
+ MarkdownDescription: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ Default: all.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -179,8 +179,8 @@ func (r *TraefikIoIngressRouteTcpV1Alpha1Manifest) Schema(_ context.Context, _ d
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"match": schema.StringAttribute{
- Description: "Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule_1",
- MarkdownDescription: "Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule_1",
+ Description: "Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule_1",
+ MarkdownDescription: "Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule_1",
Required: true,
Optional: false,
Computed: false,
@@ -214,8 +214,8 @@ func (r *TraefikIoIngressRouteTcpV1Alpha1Manifest) Schema(_ context.Context, _ d
},
"priority": schema.Int64Attribute{
- Description: "Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority_1",
- MarkdownDescription: "Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority_1",
+ Description: "Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority_1",
+ MarkdownDescription: "Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority_1",
Required: false,
Optional: true,
Computed: false,
@@ -267,8 +267,8 @@ func (r *TraefikIoIngressRouteTcpV1Alpha1Manifest) Schema(_ context.Context, _ d
},
"proxy_protocol": schema.SingleNestedAttribute{
- Description: "ProxyProtocol defines the PROXY protocol configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol",
- MarkdownDescription: "ProxyProtocol defines the PROXY protocol configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#proxy-protocol",
+ Description: "ProxyProtocol defines the PROXY protocol configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol",
+ MarkdownDescription: "ProxyProtocol defines the PROXY protocol configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#proxy-protocol",
Attributes: map[string]schema.Attribute{
"version": schema.Int64Attribute{
Description: "Version defines the PROXY Protocol version to use.",
@@ -322,8 +322,8 @@ func (r *TraefikIoIngressRouteTcpV1Alpha1Manifest) Schema(_ context.Context, _ d
},
"syntax": schema.StringAttribute{
- Description: "Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax_1",
- MarkdownDescription: "Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax_1",
+ Description: "Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax_1",
+ MarkdownDescription: "Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax_1",
Required: false,
Optional: true,
Computed: false,
@@ -336,20 +336,20 @@ func (r *TraefikIoIngressRouteTcpV1Alpha1Manifest) Schema(_ context.Context, _ d
},
"tls": schema.SingleNestedAttribute{
- Description: "TLS defines the TLS configuration on a layer 4 / TCP Route. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1",
- MarkdownDescription: "TLS defines the TLS configuration on a layer 4 / TCP Route. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls_1",
+ Description: "TLS defines the TLS configuration on a layer 4 / TCP Route. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1",
+ MarkdownDescription: "TLS defines the TLS configuration on a layer 4 / TCP Route. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls_1",
Attributes: map[string]schema.Attribute{
"cert_resolver": schema.StringAttribute{
- Description: "CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers",
- MarkdownDescription: "CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers",
+ Description: "CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers",
+ MarkdownDescription: "CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers",
Required: false,
Optional: true,
Computed: false,
},
"domains": schema.ListNestedAttribute{
- Description: "Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains",
- MarkdownDescription: "Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains",
+ Description: "Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains",
+ MarkdownDescription: "Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"main": schema.StringAttribute{
@@ -376,8 +376,8 @@ func (r *TraefikIoIngressRouteTcpV1Alpha1Manifest) Schema(_ context.Context, _ d
},
"options": schema.SingleNestedAttribute{
- Description: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options",
- MarkdownDescription: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options",
+ Description: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options",
+ MarkdownDescription: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
Description: "Name defines the name of the referenced Traefik resource.",
diff --git a/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_udp_v1alpha1_manifest.go b/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_udp_v1alpha1_manifest.go
index e3a4dce1e..78005243e 100644
--- a/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_udp_v1alpha1_manifest.go
+++ b/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_udp_v1alpha1_manifest.go
@@ -135,8 +135,8 @@ func (r *TraefikIoIngressRouteUdpV1Alpha1Manifest) Schema(_ context.Context, _ d
MarkdownDescription: "IngressRouteUDPSpec defines the desired state of a IngressRouteUDP.",
Attributes: map[string]schema.Attribute{
"entry_points": schema.ListAttribute{
- Description: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/ Default: all.",
- MarkdownDescription: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/ Default: all.",
+ Description: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ Default: all.",
+ MarkdownDescription: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ Default: all.",
ElementType: types.StringType,
Required: false,
Optional: true,
diff --git a/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_v1alpha1_manifest.go b/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_v1alpha1_manifest.go
index 60227f818..ceba3a612 100644
--- a/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_v1alpha1_manifest.go
+++ b/internal/provider/traefik_io_v1alpha1/traefik_io_ingress_route_v1alpha1_manifest.go
@@ -189,8 +189,8 @@ func (r *TraefikIoIngressRouteV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "IngressRouteSpec defines the desired state of IngressRoute.",
Attributes: map[string]schema.Attribute{
"entry_points": schema.ListAttribute{
- Description: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/ Default: all.",
- MarkdownDescription: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/entrypoints/ Default: all.",
+ Description: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ Default: all.",
+ MarkdownDescription: "EntryPoints defines the list of entry point names to bind to. Entry points have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/entrypoints/ Default: all.",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -214,16 +214,16 @@ func (r *TraefikIoIngressRouteV1Alpha1Manifest) Schema(_ context.Context, _ data
},
"match": schema.StringAttribute{
- Description: "Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule",
- MarkdownDescription: "Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rule",
+ Description: "Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule",
+ MarkdownDescription: "Match defines the router's rule. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rule",
Required: true,
Optional: false,
Computed: false,
},
"middlewares": schema.ListNestedAttribute{
- Description: "Middlewares defines the list of references to Middleware resources. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-middleware",
- MarkdownDescription: "Middlewares defines the list of references to Middleware resources. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-middleware",
+ Description: "Middlewares defines the list of references to Middleware resources. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-middleware",
+ MarkdownDescription: "Middlewares defines the list of references to Middleware resources. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-middleware",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
@@ -249,8 +249,8 @@ func (r *TraefikIoIngressRouteV1Alpha1Manifest) Schema(_ context.Context, _ data
},
"priority": schema.Int64Attribute{
- Description: "Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority",
- MarkdownDescription: "Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#priority",
+ Description: "Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority",
+ MarkdownDescription: "Priority defines the router's priority. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#priority",
Required: false,
Optional: true,
Computed: false,
@@ -452,8 +452,8 @@ func (r *TraefikIoIngressRouteV1Alpha1Manifest) Schema(_ context.Context, _ data
},
"sticky": schema.SingleNestedAttribute{
- Description: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions",
- MarkdownDescription: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions",
+ Description: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions",
+ MarkdownDescription: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions",
Attributes: map[string]schema.Attribute{
"cookie": schema.SingleNestedAttribute{
Description: "Cookie defines the sticky cookie configuration.",
@@ -532,8 +532,8 @@ func (r *TraefikIoIngressRouteV1Alpha1Manifest) Schema(_ context.Context, _ data
},
"syntax": schema.StringAttribute{
- Description: "Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax",
- MarkdownDescription: "Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#rulesyntax",
+ Description: "Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax",
+ MarkdownDescription: "Syntax defines the router's rule syntax. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#rulesyntax",
Required: false,
Optional: true,
Computed: false,
@@ -546,20 +546,20 @@ func (r *TraefikIoIngressRouteV1Alpha1Manifest) Schema(_ context.Context, _ data
},
"tls": schema.SingleNestedAttribute{
- Description: "TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls",
- MarkdownDescription: "TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#tls",
+ Description: "TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls",
+ MarkdownDescription: "TLS defines the TLS configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#tls",
Attributes: map[string]schema.Attribute{
"cert_resolver": schema.StringAttribute{
- Description: "CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers",
- MarkdownDescription: "CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/https/acme/#certificate-resolvers",
+ Description: "CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers",
+ MarkdownDescription: "CertResolver defines the name of the certificate resolver to use. Cert resolvers have to be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/https/acme/#certificate-resolvers",
Required: false,
Optional: true,
Computed: false,
},
"domains": schema.ListNestedAttribute{
- Description: "Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains",
- MarkdownDescription: "Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.1/routing/routers/#domains",
+ Description: "Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains",
+ MarkdownDescription: "Domains defines the list of domains that will be used to issue certificates. More info: https://doc.traefik.io/traefik/v3.2/routing/routers/#domains",
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"main": schema.StringAttribute{
@@ -586,20 +586,20 @@ func (r *TraefikIoIngressRouteV1Alpha1Manifest) Schema(_ context.Context, _ data
},
"options": schema.SingleNestedAttribute{
- Description: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options",
- MarkdownDescription: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options",
+ Description: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options",
+ MarkdownDescription: "Options defines the reference to a TLSOption, that specifies the parameters of the TLS connection. If not defined, the 'default' TLSOption is used. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name defines the name of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption",
- MarkdownDescription: "Name defines the name of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption",
+ Description: "Name defines the name of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption",
+ MarkdownDescription: "Name defines the name of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption",
Required: true,
Optional: false,
Computed: false,
},
"namespace": schema.StringAttribute{
- Description: "Namespace defines the namespace of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption",
- MarkdownDescription: "Namespace defines the namespace of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsoption",
+ Description: "Namespace defines the namespace of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption",
+ MarkdownDescription: "Namespace defines the namespace of the referenced TLSOption. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsoption",
Required: false,
Optional: true,
Computed: false,
@@ -623,16 +623,16 @@ func (r *TraefikIoIngressRouteV1Alpha1Manifest) Schema(_ context.Context, _ data
MarkdownDescription: "Store defines the reference to the TLSStore, that will be used to store certificates. Please note that only 'default' TLSStore can be used.",
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name defines the name of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore",
- MarkdownDescription: "Name defines the name of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore",
+ Description: "Name defines the name of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore",
+ MarkdownDescription: "Name defines the name of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore",
Required: true,
Optional: false,
Computed: false,
},
"namespace": schema.StringAttribute{
- Description: "Namespace defines the namespace of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore",
- MarkdownDescription: "Namespace defines the namespace of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-tlsstore",
+ Description: "Namespace defines the namespace of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore",
+ MarkdownDescription: "Namespace defines the namespace of the referenced TLSStore. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-tlsstore",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/traefik_io_v1alpha1/traefik_io_middleware_tcp_v1alpha1_manifest.go b/internal/provider/traefik_io_v1alpha1/traefik_io_middleware_tcp_v1alpha1_manifest.go
index 9df141294..1c447584b 100644
--- a/internal/provider/traefik_io_v1alpha1/traefik_io_middleware_tcp_v1alpha1_manifest.go
+++ b/internal/provider/traefik_io_v1alpha1/traefik_io_middleware_tcp_v1alpha1_manifest.go
@@ -61,8 +61,8 @@ func (r *TraefikIoMiddlewareTcpV1Alpha1Manifest) Metadata(_ context.Context, req
func (r *TraefikIoMiddlewareTcpV1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRequest, response *datasource.SchemaResponse) {
response.Schema = schema.Schema{
- Description: "MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/",
- MarkdownDescription: "MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. More info: https://doc.traefik.io/traefik/v3.1/middlewares/overview/",
+ Description: "MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. More info: https://doc.traefik.io/traefik/v3.2/middlewares/overview/",
+ MarkdownDescription: "MiddlewareTCP is the CRD implementation of a Traefik TCP middleware. More info: https://doc.traefik.io/traefik/v3.2/middlewares/overview/",
Attributes: map[string]schema.Attribute{
"yaml": schema.StringAttribute{
Description: "The generated manifest in YAML format.",
@@ -150,8 +150,8 @@ func (r *TraefikIoMiddlewareTcpV1Alpha1Manifest) Schema(_ context.Context, _ dat
},
"ip_allow_list": schema.SingleNestedAttribute{
- Description: "IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/",
- MarkdownDescription: "IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipallowlist/",
+ Description: "IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/",
+ MarkdownDescription: "IPAllowList defines the IPAllowList middleware configuration. This middleware accepts/refuses connections based on the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipallowlist/",
Attributes: map[string]schema.Attribute{
"source_range": schema.ListAttribute{
Description: "SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation).",
@@ -168,8 +168,8 @@ func (r *TraefikIoMiddlewareTcpV1Alpha1Manifest) Schema(_ context.Context, _ dat
},
"ip_white_list": schema.SingleNestedAttribute{
- Description: "IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipwhitelist/",
- MarkdownDescription: "IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v3.1/middlewares/tcp/ipwhitelist/",
+ Description: "IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipwhitelist/",
+ MarkdownDescription: "IPWhiteList defines the IPWhiteList middleware configuration. This middleware accepts/refuses connections based on the client IP. Deprecated: please use IPAllowList instead. More info: https://doc.traefik.io/traefik/v3.2/middlewares/tcp/ipwhitelist/",
Attributes: map[string]schema.Attribute{
"source_range": schema.ListAttribute{
Description: "SourceRange defines the allowed IPs (or ranges of allowed IPs by using CIDR notation).",
diff --git a/internal/provider/traefik_io_v1alpha1/traefik_io_middleware_v1alpha1_manifest.go b/internal/provider/traefik_io_v1alpha1/traefik_io_middleware_v1alpha1_manifest.go
index 1c9541e94..d1766a7af 100644
--- a/internal/provider/traefik_io_v1alpha1/traefik_io_middleware_v1alpha1_manifest.go
+++ b/internal/provider/traefik_io_v1alpha1/traefik_io_middleware_v1alpha1_manifest.go
@@ -291,8 +291,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Metadata(_ context.Context, reques
func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRequest, response *datasource.SchemaResponse) {
response.Schema = schema.Schema{
- Description: "Middleware is the CRD implementation of a Traefik Middleware. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/",
- MarkdownDescription: "Middleware is the CRD implementation of a Traefik Middleware. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/overview/",
+ Description: "Middleware is the CRD implementation of a Traefik Middleware. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/overview/",
+ MarkdownDescription: "Middleware is the CRD implementation of a Traefik Middleware. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/overview/",
Attributes: map[string]schema.Attribute{
"yaml": schema.StringAttribute{
Description: "The generated manifest in YAML format.",
@@ -363,8 +363,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
MarkdownDescription: "MiddlewareSpec defines the desired state of a Middleware.",
Attributes: map[string]schema.Attribute{
"add_prefix": schema.SingleNestedAttribute{
- Description: "AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding it. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/addprefix/",
- MarkdownDescription: "AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding it. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/addprefix/",
+ Description: "AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding it. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/addprefix/",
+ MarkdownDescription: "AddPrefix holds the add prefix middleware configuration. This middleware updates the path of a request before forwarding it. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/addprefix/",
Attributes: map[string]schema.Attribute{
"prefix": schema.StringAttribute{
Description: "Prefix is the string to add before the current path in the requested URL. It should include a leading slash (/).",
@@ -380,12 +380,12 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"basic_auth": schema.SingleNestedAttribute{
- Description: "BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/",
- MarkdownDescription: "BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/",
+ Description: "BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/",
+ MarkdownDescription: "BasicAuth holds the basic auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/",
Attributes: map[string]schema.Attribute{
"header_field": schema.StringAttribute{
- Description: "HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield",
- MarkdownDescription: "HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield",
+ Description: "HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield",
+ MarkdownDescription: "HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield",
Required: false,
Optional: true,
Computed: false,
@@ -421,8 +421,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"buffering": schema.SingleNestedAttribute{
- Description: "Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can be forwarded to backends. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#maxrequestbodybytes",
- MarkdownDescription: "Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can be forwarded to backends. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#maxrequestbodybytes",
+ Description: "Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can be forwarded to backends. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#maxrequestbodybytes",
+ MarkdownDescription: "Buffering holds the buffering middleware configuration. This middleware retries or limits the size of requests that can be forwarded to backends. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#maxrequestbodybytes",
Attributes: map[string]schema.Attribute{
"max_request_body_bytes": schema.Int64Attribute{
Description: "MaxRequestBodyBytes defines the maximum allowed body size for the request (in bytes). If the request exceeds the allowed size, it is not forwarded to the service, and the client gets a 413 (Request Entity Too Large) response. Default: 0 (no maximum).",
@@ -457,8 +457,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"retry_expression": schema.StringAttribute{
- Description: "RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) and OR (||). More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#retryexpression",
- MarkdownDescription: "RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) and OR (||). More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/buffering/#retryexpression",
+ Description: "RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) and OR (||). More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#retryexpression",
+ MarkdownDescription: "RetryExpression defines the retry conditions. It is a logical combination of functions with operators AND (&&) and OR (||). More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/buffering/#retryexpression",
Required: false,
Optional: true,
Computed: false,
@@ -470,8 +470,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"chain": schema.SingleNestedAttribute{
- Description: "Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other pieces of middleware. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/chain/",
- MarkdownDescription: "Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other pieces of middleware. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/chain/",
+ Description: "Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other pieces of middleware. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/chain/",
+ MarkdownDescription: "Chain holds the configuration of the chain middleware. This middleware enables to define reusable combinations of other pieces of middleware. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/chain/",
Attributes: map[string]schema.Attribute{
"middlewares": schema.ListNestedAttribute{
Description: "Middlewares is the list of MiddlewareRef which composes the chain.",
@@ -555,8 +555,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"compress": schema.SingleNestedAttribute{
- Description: "Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/",
- MarkdownDescription: "Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/compress/",
+ Description: "Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/compress/",
+ MarkdownDescription: "Compress holds the compress middleware configuration. This middleware compresses responses before sending them to the client, using gzip, brotli, or zstd compression. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/compress/",
Attributes: map[string]schema.Attribute{
"default_encoding": schema.StringAttribute{
Description: "DefaultEncoding specifies the default encoding if the 'Accept-Encoding' header is not in the request or contains a wildcard ('*').",
@@ -624,12 +624,12 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"digest_auth": schema.SingleNestedAttribute{
- Description: "DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/",
- MarkdownDescription: "DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/digestauth/",
+ Description: "DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/digestauth/",
+ MarkdownDescription: "DigestAuth holds the digest auth middleware configuration. This middleware restricts access to your services to known users. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/digestauth/",
Attributes: map[string]schema.Attribute{
"header_field": schema.StringAttribute{
- Description: "HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield",
- MarkdownDescription: "HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/basicauth/#headerfield",
+ Description: "HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield",
+ MarkdownDescription: "HeaderField defines a header field to store the authenticated user. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/basicauth/#headerfield",
Required: false,
Optional: true,
Computed: false,
@@ -665,8 +665,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"errors": schema.SingleNestedAttribute{
- Description: "ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/",
- MarkdownDescription: "ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/",
+ Description: "ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/",
+ MarkdownDescription: "ErrorPage holds the custom error middleware configuration. This middleware returns a custom page in lieu of the default, according to configured ranges of HTTP Status codes. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/",
Attributes: map[string]schema.Attribute{
"query": schema.StringAttribute{
Description: "Query defines the URL for the error page (hosted by service). The {status} variable can be used in order to insert the status code in the URL.",
@@ -677,8 +677,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"service": schema.SingleNestedAttribute{
- Description: "Service defines the reference to a Kubernetes Service that will serve the error page. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/#service",
- MarkdownDescription: "Service defines the reference to a Kubernetes Service that will serve the error page. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/errorpages/#service",
+ Description: "Service defines the reference to a Kubernetes Service that will serve the error page. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/#service",
+ MarkdownDescription: "Service defines the reference to a Kubernetes Service that will serve the error page. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/errorpages/#service",
Attributes: map[string]schema.Attribute{
"health_check": schema.SingleNestedAttribute{
Description: "Healthcheck defines health checks for ExternalName services.",
@@ -871,8 +871,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"sticky": schema.SingleNestedAttribute{
- Description: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions",
- MarkdownDescription: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions",
+ Description: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions",
+ MarkdownDescription: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions",
Attributes: map[string]schema.Attribute{
"cookie": schema.SingleNestedAttribute{
Description: "Cookie defines the sticky cookie configuration.",
@@ -964,8 +964,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"forward_auth": schema.SingleNestedAttribute{
- Description: "ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/",
- MarkdownDescription: "ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/",
+ Description: "ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/",
+ MarkdownDescription: "ForwardAuth holds the forward auth middleware configuration. This middleware delegates the request authentication to a Service. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/",
Attributes: map[string]schema.Attribute{
"add_auth_cookies_to_response": schema.ListAttribute{
Description: "AddAuthCookiesToResponse defines the list of cookies to copy from the authentication server response to the response.",
@@ -1003,8 +1003,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"auth_response_headers_regex": schema.StringAttribute{
- Description: "AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex",
- MarkdownDescription: "AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/forwardauth/#authresponseheadersregex",
+ Description: "AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/#authresponseheadersregex",
+ MarkdownDescription: "AuthResponseHeadersRegex defines the regex to match headers to copy from the authentication server response and set on forwarded request, after stripping all headers that match the regex. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/forwardauth/#authresponseheadersregex",
Required: false,
Optional: true,
Computed: false,
@@ -1083,8 +1083,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"headers": schema.SingleNestedAttribute{
- Description: "Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/headers/#customrequestheaders",
- MarkdownDescription: "Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/headers/#customrequestheaders",
+ Description: "Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/headers/#customrequestheaders",
+ MarkdownDescription: "Headers holds the headers middleware configuration. This middleware manages the requests and responses headers. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/headers/#customrequestheaders",
Attributes: map[string]schema.Attribute{
"access_control_allow_credentials": schema.BoolAttribute{
Description: "AccessControlAllowCredentials defines whether the request can include user credentials.",
@@ -1366,8 +1366,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"in_flight_req": schema.SingleNestedAttribute{
- Description: "InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and served concurrently. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/",
- MarkdownDescription: "InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and served concurrently. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/",
+ Description: "InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and served concurrently. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/",
+ MarkdownDescription: "InFlightReq holds the in-flight request middleware configuration. This middleware limits the number of requests being processed and served concurrently. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/",
Attributes: map[string]schema.Attribute{
"amount": schema.Int64Attribute{
Description: "Amount defines the maximum amount of allowed simultaneous in-flight request. The middleware responds with HTTP 429 Too Many Requests if there are already amount requests in progress (based on the same sourceCriterion strategy).",
@@ -1378,12 +1378,12 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"source_criterion": schema.SingleNestedAttribute{
- Description: "SourceCriterion defines what criterion is used to group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/#sourcecriterion",
- MarkdownDescription: "SourceCriterion defines what criterion is used to group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/inflightreq/#sourcecriterion",
+ Description: "SourceCriterion defines what criterion is used to group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/#sourcecriterion",
+ MarkdownDescription: "SourceCriterion defines what criterion is used to group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the requestHost. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/inflightreq/#sourcecriterion",
Attributes: map[string]schema.Attribute{
"ip_strategy": schema.SingleNestedAttribute{
- Description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy",
- MarkdownDescription: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy",
+ Description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy",
+ MarkdownDescription: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy",
Attributes: map[string]schema.Attribute{
"depth": schema.Int64Attribute{
Description: "Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).",
@@ -1442,12 +1442,12 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"ip_allow_list": schema.SingleNestedAttribute{
- Description: "IPAllowList holds the IP allowlist middleware configuration. This middleware limits allowed requests based on the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/",
- MarkdownDescription: "IPAllowList holds the IP allowlist middleware configuration. This middleware limits allowed requests based on the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/",
+ Description: "IPAllowList holds the IP allowlist middleware configuration. This middleware limits allowed requests based on the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/",
+ MarkdownDescription: "IPAllowList holds the IP allowlist middleware configuration. This middleware limits allowed requests based on the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/",
Attributes: map[string]schema.Attribute{
"ip_strategy": schema.SingleNestedAttribute{
- Description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy",
- MarkdownDescription: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy",
+ Description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy",
+ MarkdownDescription: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy",
Attributes: map[string]schema.Attribute{
"depth": schema.Int64Attribute{
Description: "Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).",
@@ -1506,8 +1506,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
MarkdownDescription: "Deprecated: please use IPAllowList instead.",
Attributes: map[string]schema.Attribute{
"ip_strategy": schema.SingleNestedAttribute{
- Description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy",
- MarkdownDescription: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy",
+ Description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy",
+ MarkdownDescription: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy",
Attributes: map[string]schema.Attribute{
"depth": schema.Int64Attribute{
Description: "Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).",
@@ -1554,8 +1554,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"pass_tls_client_cert": schema.SingleNestedAttribute{
- Description: "PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/passtlsclientcert/",
- MarkdownDescription: "PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/passtlsclientcert/",
+ Description: "PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/passtlsclientcert/",
+ MarkdownDescription: "PassTLSClientCert holds the pass TLS client cert middleware configuration. This middleware adds the selected data from the passed client TLS certificate to a header. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/passtlsclientcert/",
Attributes: map[string]schema.Attribute{
"info": schema.SingleNestedAttribute{
Description: "Info selects the specific client certificate details you want to add to the X-Forwarded-Tls-Client-Cert-Info header.",
@@ -1759,8 +1759,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"rate_limit": schema.SingleNestedAttribute{
- Description: "RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ratelimit/",
- MarkdownDescription: "RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ratelimit/",
+ Description: "RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ratelimit/",
+ MarkdownDescription: "RateLimit holds the rate limit configuration. This middleware ensures that services will receive a fair amount of requests, and allows one to define what fair is. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ratelimit/",
Attributes: map[string]schema.Attribute{
"average": schema.Int64Attribute{
Description: "Average is the maximum rate, by default in requests/s, allowed for the given source. It defaults to 0, which means no rate limiting. The rate is actually defined by dividing Average by Period. So for a rate below 1req/s, one needs to define a Period larger than a second.",
@@ -1791,8 +1791,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
MarkdownDescription: "SourceCriterion defines what criterion is used to group requests as originating from a common source. If several strategies are defined at the same time, an error will be raised. If none are set, the default is to use the request's remote address field (as an ipStrategy).",
Attributes: map[string]schema.Attribute{
"ip_strategy": schema.SingleNestedAttribute{
- Description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy",
- MarkdownDescription: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/ipallowlist/#ipstrategy",
+ Description: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy",
+ MarkdownDescription: "IPStrategy holds the IP strategy configuration used by Traefik to determine the client IP. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/ipallowlist/#ipstrategy",
Attributes: map[string]schema.Attribute{
"depth": schema.Int64Attribute{
Description: "Depth tells Traefik to use the X-Forwarded-For header and take the IP located at the depth position (starting from the right).",
@@ -1851,8 +1851,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"redirect_regex": schema.SingleNestedAttribute{
- Description: "RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectregex/#regex",
- MarkdownDescription: "RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectregex/#regex",
+ Description: "RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectregex/#regex",
+ MarkdownDescription: "RedirectRegex holds the redirect regex middleware configuration. This middleware redirects a request using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectregex/#regex",
Attributes: map[string]schema.Attribute{
"permanent": schema.BoolAttribute{
Description: "Permanent defines whether the redirection is permanent (301).",
@@ -1884,8 +1884,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"redirect_scheme": schema.SingleNestedAttribute{
- Description: "RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port to another. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectscheme/",
- MarkdownDescription: "RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port to another. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/redirectscheme/",
+ Description: "RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port to another. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectscheme/",
+ MarkdownDescription: "RedirectScheme holds the redirect scheme middleware configuration. This middleware redirects requests from a scheme/port to another. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/redirectscheme/",
Attributes: map[string]schema.Attribute{
"permanent": schema.BoolAttribute{
Description: "Permanent defines whether the redirection is permanent (301).",
@@ -1917,8 +1917,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"replace_path": schema.SingleNestedAttribute{
- Description: "ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepath/",
- MarkdownDescription: "ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepath/",
+ Description: "ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepath/",
+ MarkdownDescription: "ReplacePath holds the replace path middleware configuration. This middleware replaces the path of the request URL and store the original path in an X-Replaced-Path header. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepath/",
Attributes: map[string]schema.Attribute{
"path": schema.StringAttribute{
Description: "Path defines the path to use as replacement in the request URL.",
@@ -1934,8 +1934,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"replace_path_regex": schema.SingleNestedAttribute{
- Description: "ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepathregex/",
- MarkdownDescription: "ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/replacepathregex/",
+ Description: "ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepathregex/",
+ MarkdownDescription: "ReplacePathRegex holds the replace path regex middleware configuration. This middleware replaces the path of a URL using regex matching and replacement. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/replacepathregex/",
Attributes: map[string]schema.Attribute{
"regex": schema.StringAttribute{
Description: "Regex defines the regular expression used to match and capture the path from the request URL.",
@@ -1959,8 +1959,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"retry": schema.SingleNestedAttribute{
- Description: "Retry holds the retry middleware configuration. This middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/",
- MarkdownDescription: "Retry holds the retry middleware configuration. This middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/retry/",
+ Description: "Retry holds the retry middleware configuration. This middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/retry/",
+ MarkdownDescription: "Retry holds the retry middleware configuration. This middleware reissues requests a given number of times to a backend server if that server does not reply. As soon as the server answers, the middleware stops retrying, regardless of the response status. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/retry/",
Attributes: map[string]schema.Attribute{
"attempts": schema.Int64Attribute{
Description: "Attempts defines how many times the request should be retried.",
@@ -1984,8 +1984,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"strip_prefix": schema.SingleNestedAttribute{
- Description: "StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefix/",
- MarkdownDescription: "StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefix/",
+ Description: "StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefix/",
+ MarkdownDescription: "StripPrefix holds the strip prefix middleware configuration. This middleware removes the specified prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefix/",
Attributes: map[string]schema.Attribute{
"force_slash": schema.BoolAttribute{
Description: "Deprecated: ForceSlash option is deprecated, please remove any usage of this option. ForceSlash ensures that the resulting stripped path is not the empty string, by replacing it with / when necessary. Default: true.",
@@ -2010,8 +2010,8 @@ func (r *TraefikIoMiddlewareV1Alpha1Manifest) Schema(_ context.Context, _ dataso
},
"strip_prefix_regex": schema.SingleNestedAttribute{
- Description: "StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefixregex/",
- MarkdownDescription: "StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.1/middlewares/http/stripprefixregex/",
+ Description: "StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefixregex/",
+ MarkdownDescription: "StripPrefixRegex holds the strip prefix regex middleware configuration. This middleware removes the matching prefixes from the URL path. More info: https://doc.traefik.io/traefik/v3.2/middlewares/http/stripprefixregex/",
Attributes: map[string]schema.Attribute{
"regex": schema.ListAttribute{
Description: "Regex defines the regular expression to match the path prefix from the request URL.",
diff --git a/internal/provider/traefik_io_v1alpha1/traefik_io_servers_transport_tcp_v1alpha1_manifest.go b/internal/provider/traefik_io_v1alpha1/traefik_io_servers_transport_tcp_v1alpha1_manifest.go
index 67daf4b5e..2f5ba9145 100644
--- a/internal/provider/traefik_io_v1alpha1/traefik_io_servers_transport_tcp_v1alpha1_manifest.go
+++ b/internal/provider/traefik_io_v1alpha1/traefik_io_servers_transport_tcp_v1alpha1_manifest.go
@@ -66,8 +66,8 @@ func (r *TraefikIoServersTransportTcpV1Alpha1Manifest) Metadata(_ context.Contex
func (r *TraefikIoServersTransportTcpV1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRequest, response *datasource.SchemaResponse) {
response.Schema = schema.Schema{
- Description: "ServersTransportTCP is the CRD implementation of a TCPServersTransport. If no tcpServersTransport is specified, a default one named default@internal will be used. The default@internal tcpServersTransport can be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3",
- MarkdownDescription: "ServersTransportTCP is the CRD implementation of a TCPServersTransport. If no tcpServersTransport is specified, a default one named default@internal will be used. The default@internal tcpServersTransport can be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_3",
+ Description: "ServersTransportTCP is the CRD implementation of a TCPServersTransport. If no tcpServersTransport is specified, a default one named default@internal will be used. The default@internal tcpServersTransport can be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_3",
+ MarkdownDescription: "ServersTransportTCP is the CRD implementation of a TCPServersTransport. If no tcpServersTransport is specified, a default one named default@internal will be used. The default@internal tcpServersTransport can be configured in the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_3",
Attributes: map[string]schema.Attribute{
"yaml": schema.StringAttribute{
Description: "The generated manifest in YAML format.",
diff --git a/internal/provider/traefik_io_v1alpha1/traefik_io_servers_transport_v1alpha1_manifest.go b/internal/provider/traefik_io_v1alpha1/traefik_io_servers_transport_v1alpha1_manifest.go
index 31ef65ad1..5c3315c4d 100644
--- a/internal/provider/traefik_io_v1alpha1/traefik_io_servers_transport_v1alpha1_manifest.go
+++ b/internal/provider/traefik_io_v1alpha1/traefik_io_servers_transport_v1alpha1_manifest.go
@@ -70,8 +70,8 @@ func (r *TraefikIoServersTransportV1Alpha1Manifest) Metadata(_ context.Context,
func (r *TraefikIoServersTransportV1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRequest, response *datasource.SchemaResponse) {
response.Schema = schema.Schema{
- Description: "ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1",
- MarkdownDescription: "ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#serverstransport_1",
+ Description: "ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_1",
+ MarkdownDescription: "ServersTransport is the CRD implementation of a ServersTransport. If no serversTransport is specified, the default@internal will be used. The default@internal serversTransport is created from the static configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#serverstransport_1",
Attributes: map[string]schema.Attribute{
"yaml": schema.StringAttribute{
Description: "The generated manifest in YAML format.",
diff --git a/internal/provider/traefik_io_v1alpha1/traefik_io_tls_option_v1alpha1_manifest.go b/internal/provider/traefik_io_v1alpha1/traefik_io_tls_option_v1alpha1_manifest.go
index 86884cf87..8ee382b9b 100644
--- a/internal/provider/traefik_io_v1alpha1/traefik_io_tls_option_v1alpha1_manifest.go
+++ b/internal/provider/traefik_io_v1alpha1/traefik_io_tls_option_v1alpha1_manifest.go
@@ -63,8 +63,8 @@ func (r *TraefikIoTlsoptionV1Alpha1Manifest) Metadata(_ context.Context, request
func (r *TraefikIoTlsoptionV1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRequest, response *datasource.SchemaResponse) {
response.Schema = schema.Schema{
- Description: "TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options",
- MarkdownDescription: "TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#tls-options",
+ Description: "TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options",
+ MarkdownDescription: "TLSOption is the CRD implementation of a Traefik TLS Option, allowing to configure some parameters of the TLS connection. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#tls-options",
Attributes: map[string]schema.Attribute{
"yaml": schema.StringAttribute{
Description: "The generated manifest in YAML format.",
@@ -135,8 +135,8 @@ func (r *TraefikIoTlsoptionV1Alpha1Manifest) Schema(_ context.Context, _ datasou
MarkdownDescription: "TLSOptionSpec defines the desired state of a TLSOption.",
Attributes: map[string]schema.Attribute{
"alpn_protocols": schema.ListAttribute{
- Description: "ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#alpn-protocols",
- MarkdownDescription: "ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#alpn-protocols",
+ Description: "ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#alpn-protocols",
+ MarkdownDescription: "ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#alpn-protocols",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -144,8 +144,8 @@ func (r *TraefikIoTlsoptionV1Alpha1Manifest) Schema(_ context.Context, _ datasou
},
"cipher_suites": schema.ListAttribute{
- Description: "CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#cipher-suites",
- MarkdownDescription: "CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#cipher-suites",
+ Description: "CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#cipher-suites",
+ MarkdownDescription: "CipherSuites defines the list of supported cipher suites for TLS versions up to TLS 1.2. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#cipher-suites",
ElementType: types.StringType,
Required: false,
Optional: true,
@@ -182,8 +182,8 @@ func (r *TraefikIoTlsoptionV1Alpha1Manifest) Schema(_ context.Context, _ datasou
},
"curve_preferences": schema.ListAttribute{
- Description: "CurvePreferences defines the preferred elliptic curves in a specific order. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#curve-preferences",
- MarkdownDescription: "CurvePreferences defines the preferred elliptic curves in a specific order. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#curve-preferences",
+ Description: "CurvePreferences defines the preferred elliptic curves in a specific order. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#curve-preferences",
+ MarkdownDescription: "CurvePreferences defines the preferred elliptic curves in a specific order. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#curve-preferences",
ElementType: types.StringType,
Required: false,
Optional: true,
diff --git a/internal/provider/traefik_io_v1alpha1/traefik_io_tls_store_v1alpha1_manifest.go b/internal/provider/traefik_io_v1alpha1/traefik_io_tls_store_v1alpha1_manifest.go
index 114cf9b5d..62c2ef343 100644
--- a/internal/provider/traefik_io_v1alpha1/traefik_io_tls_store_v1alpha1_manifest.go
+++ b/internal/provider/traefik_io_v1alpha1/traefik_io_tls_store_v1alpha1_manifest.go
@@ -65,8 +65,8 @@ func (r *TraefikIoTlsstoreV1Alpha1Manifest) Metadata(_ context.Context, request
func (r *TraefikIoTlsstoreV1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRequest, response *datasource.SchemaResponse) {
response.Schema = schema.Schema{
- Description: "TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes namespaces. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores",
- MarkdownDescription: "TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes namespaces. More info: https://doc.traefik.io/traefik/v3.1/https/tls/#certificates-stores",
+ Description: "TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes namespaces. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#certificates-stores",
+ MarkdownDescription: "TLSStore is the CRD implementation of a Traefik TLS Store. For the time being, only the TLSStore named default is supported. This means that you cannot have two stores that are named default in different Kubernetes namespaces. More info: https://doc.traefik.io/traefik/v3.2/https/tls/#certificates-stores",
Attributes: map[string]schema.Attribute{
"yaml": schema.StringAttribute{
Description: "The generated manifest in YAML format.",
diff --git a/internal/provider/traefik_io_v1alpha1/traefik_io_traefik_service_v1alpha1_manifest.go b/internal/provider/traefik_io_v1alpha1/traefik_io_traefik_service_v1alpha1_manifest.go
index faa171ace..bc7c8546b 100644
--- a/internal/provider/traefik_io_v1alpha1/traefik_io_traefik_service_v1alpha1_manifest.go
+++ b/internal/provider/traefik_io_v1alpha1/traefik_io_traefik_service_v1alpha1_manifest.go
@@ -180,8 +180,8 @@ func (r *TraefikIoTraefikServiceV1Alpha1Manifest) Metadata(_ context.Context, re
func (r *TraefikIoTraefikServiceV1Alpha1Manifest) Schema(_ context.Context, _ datasource.SchemaRequest, response *datasource.SchemaResponse) {
response.Schema = schema.Schema{
- Description: "TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - Mirror traffic on services More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice",
- MarkdownDescription: "TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - Mirror traffic on services More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#kind-traefikservice",
+ Description: "TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - Mirror traffic on services More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-traefikservice",
+ MarkdownDescription: "TraefikService is the CRD implementation of a Traefik Service. TraefikService object allows to: - Apply weight to Services on load-balancing - Mirror traffic on services More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#kind-traefikservice",
Attributes: map[string]schema.Attribute{
"yaml": schema.StringAttribute{
Description: "The generated manifest in YAML format.",
@@ -584,8 +584,8 @@ func (r *TraefikIoTraefikServiceV1Alpha1Manifest) Schema(_ context.Context, _ da
},
"sticky": schema.SingleNestedAttribute{
- Description: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions",
- MarkdownDescription: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions",
+ Description: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions",
+ MarkdownDescription: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions",
Attributes: map[string]schema.Attribute{
"cookie": schema.SingleNestedAttribute{
Description: "Cookie defines the sticky cookie configuration.",
@@ -745,8 +745,8 @@ func (r *TraefikIoTraefikServiceV1Alpha1Manifest) Schema(_ context.Context, _ da
},
"sticky": schema.SingleNestedAttribute{
- Description: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions",
- MarkdownDescription: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions",
+ Description: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions",
+ MarkdownDescription: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions",
Attributes: map[string]schema.Attribute{
"cookie": schema.SingleNestedAttribute{
Description: "Cookie defines the sticky cookie configuration.",
@@ -1023,8 +1023,8 @@ func (r *TraefikIoTraefikServiceV1Alpha1Manifest) Schema(_ context.Context, _ da
},
"sticky": schema.SingleNestedAttribute{
- Description: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions",
- MarkdownDescription: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.1/routing/services/#sticky-sessions",
+ Description: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions",
+ MarkdownDescription: "Sticky defines the sticky sessions configuration. More info: https://doc.traefik.io/traefik/v3.2/routing/services/#sticky-sessions",
Attributes: map[string]schema.Attribute{
"cookie": schema.SingleNestedAttribute{
Description: "Cookie defines the sticky cookie configuration.",
@@ -1103,8 +1103,8 @@ func (r *TraefikIoTraefikServiceV1Alpha1Manifest) Schema(_ context.Context, _ da
},
"sticky": schema.SingleNestedAttribute{
- Description: "Sticky defines whether sticky sessions are enabled. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#stickiness-and-load-balancing",
- MarkdownDescription: "Sticky defines whether sticky sessions are enabled. More info: https://doc.traefik.io/traefik/v3.1/routing/providers/kubernetes-crd/#stickiness-and-load-balancing",
+ Description: "Sticky defines whether sticky sessions are enabled. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing",
+ MarkdownDescription: "Sticky defines whether sticky sessions are enabled. More info: https://doc.traefik.io/traefik/v3.2/routing/providers/kubernetes-crd/#stickiness-and-load-balancing",
Attributes: map[string]schema.Attribute{
"cookie": schema.SingleNestedAttribute{
Description: "Cookie defines the sticky cookie configuration.",
diff --git a/internal/provider/trino_stackable_tech_v1alpha1/trino_stackable_tech_trino_catalog_v1alpha1_manifest.go b/internal/provider/trino_stackable_tech_v1alpha1/trino_stackable_tech_trino_catalog_v1alpha1_manifest.go
index 6867fdb16..9aa73e3c5 100644
--- a/internal/provider/trino_stackable_tech_v1alpha1/trino_stackable_tech_trino_catalog_v1alpha1_manifest.go
+++ b/internal/provider/trino_stackable_tech_v1alpha1/trino_stackable_tech_trino_catalog_v1alpha1_manifest.go
@@ -59,9 +59,10 @@ type TrinoStackableTechTrinoCatalogV1Alpha1ManifestData struct {
AccessStyle *string `tfsdk:"access_style" json:"accessStyle,omitempty"`
Credentials *struct {
Scope *struct {
- Node *bool `tfsdk:"node" json:"node,omitempty"`
- Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
- Services *[]string `tfsdk:"services" json:"services,omitempty"`
+ ListenerVolumes *[]string `tfsdk:"listener_volumes" json:"listenerVolumes,omitempty"`
+ Node *bool `tfsdk:"node" json:"node,omitempty"`
+ Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
+ Services *[]string `tfsdk:"services" json:"services,omitempty"`
} `tfsdk:"scope" json:"scope,omitempty"`
SecretClass *string `tfsdk:"secret_class" json:"secretClass,omitempty"`
} `tfsdk:"credentials" json:"credentials,omitempty"`
@@ -118,9 +119,10 @@ type TrinoStackableTechTrinoCatalogV1Alpha1ManifestData struct {
AccessStyle *string `tfsdk:"access_style" json:"accessStyle,omitempty"`
Credentials *struct {
Scope *struct {
- Node *bool `tfsdk:"node" json:"node,omitempty"`
- Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
- Services *[]string `tfsdk:"services" json:"services,omitempty"`
+ ListenerVolumes *[]string `tfsdk:"listener_volumes" json:"listenerVolumes,omitempty"`
+ Node *bool `tfsdk:"node" json:"node,omitempty"`
+ Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
+ Services *[]string `tfsdk:"services" json:"services,omitempty"`
} `tfsdk:"scope" json:"scope,omitempty"`
SecretClass *string `tfsdk:"secret_class" json:"secretClass,omitempty"`
} `tfsdk:"credentials" json:"credentials,omitempty"`
@@ -153,9 +155,10 @@ type TrinoStackableTechTrinoCatalogV1Alpha1ManifestData struct {
AccessStyle *string `tfsdk:"access_style" json:"accessStyle,omitempty"`
Credentials *struct {
Scope *struct {
- Node *bool `tfsdk:"node" json:"node,omitempty"`
- Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
- Services *[]string `tfsdk:"services" json:"services,omitempty"`
+ ListenerVolumes *[]string `tfsdk:"listener_volumes" json:"listenerVolumes,omitempty"`
+ Node *bool `tfsdk:"node" json:"node,omitempty"`
+ Pod *bool `tfsdk:"pod" json:"pod,omitempty"`
+ Services *[]string `tfsdk:"services" json:"services,omitempty"`
} `tfsdk:"scope" json:"scope,omitempty"`
SecretClass *string `tfsdk:"secret_class" json:"secretClass,omitempty"`
} `tfsdk:"credentials" json:"credentials,omitempty"`
@@ -324,8 +327,8 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "Connection to an S3 store. Please make sure that the underlying Hive metastore also has access to the S3 store. Learn more about S3 configuration in the [S3 concept docs](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "Inline definition of an S3 connection.",
- MarkdownDescription: "Inline definition of an S3 connection.",
+ Description: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"access_style": schema.StringAttribute{
Description: "Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).",
@@ -346,6 +349,15 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
Description: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
MarkdownDescription: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
Attributes: map[string]schema.Attribute{
+ "listener_volumes": schema.ListAttribute{
+ Description: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ MarkdownDescription: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"node": schema.BoolAttribute{
Description: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
MarkdownDescription: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
@@ -390,10 +402,10 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
},
"host": schema.StringAttribute{
- Description: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- MarkdownDescription: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- Required: false,
- Optional: true,
+ Description: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ MarkdownDescription: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -409,8 +421,8 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
},
"tls": schema.SingleNestedAttribute{
- Description: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
- MarkdownDescription: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
+ Description: "Use a TLS connection. If not specified no TLS will be used.",
+ MarkdownDescription: "Use a TLS connection. If not specified no TLS will be used.",
Attributes: map[string]schema.Attribute{
"verification": schema.SingleNestedAttribute{
Description: "The verification method used to verify the certificates of the server and/or the client.",
@@ -476,8 +488,8 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3Connection resource.",
- MarkdownDescription: "A reference to an S3Connection resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
@@ -530,10 +542,10 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- Required: false,
- Optional: true,
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -563,10 +575,10 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
},
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- Required: false,
- Optional: true,
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -686,8 +698,8 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "Connection to an S3 store. Please make sure that the underlying Hive metastore also has access to the S3 store. Learn more about S3 configuration in the [S3 concept docs](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "Inline definition of an S3 connection.",
- MarkdownDescription: "Inline definition of an S3 connection.",
+ Description: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"access_style": schema.StringAttribute{
Description: "Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).",
@@ -708,6 +720,15 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
Description: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
MarkdownDescription: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
Attributes: map[string]schema.Attribute{
+ "listener_volumes": schema.ListAttribute{
+ Description: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ MarkdownDescription: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"node": schema.BoolAttribute{
Description: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
MarkdownDescription: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
@@ -752,10 +773,10 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
},
"host": schema.StringAttribute{
- Description: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- MarkdownDescription: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- Required: false,
- Optional: true,
+ Description: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ MarkdownDescription: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -771,8 +792,8 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
},
"tls": schema.SingleNestedAttribute{
- Description: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
- MarkdownDescription: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
+ Description: "Use a TLS connection. If not specified no TLS will be used.",
+ MarkdownDescription: "Use a TLS connection. If not specified no TLS will be used.",
Attributes: map[string]schema.Attribute{
"verification": schema.SingleNestedAttribute{
Description: "The verification method used to verify the certificates of the server and/or the client.",
@@ -838,8 +859,8 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3Connection resource.",
- MarkdownDescription: "A reference to an S3Connection resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
@@ -898,8 +919,8 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
MarkdownDescription: "Connection to an S3 store. Please make sure that the underlying Hive metastore also has access to the S3 store. Learn more about S3 configuration in the [S3 concept docs](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"inline": schema.SingleNestedAttribute{
- Description: "Inline definition of an S3 connection.",
- MarkdownDescription: "Inline definition of an S3 connection.",
+ Description: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
+ MarkdownDescription: "S3 connection definition as a resource. Learn more on the [S3 concept documentation](https://docs.stackable.tech/home/nightly/concepts/s3).",
Attributes: map[string]schema.Attribute{
"access_style": schema.StringAttribute{
Description: "Which access style to use. Defaults to virtual hosted-style as most of the data products out there. Have a look at the [AWS documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/VirtualHosting.html).",
@@ -920,6 +941,15 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
Description: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
MarkdownDescription: "[Scope](https://docs.stackable.tech/home/nightly/secret-operator/scope) of the [SecretClass](https://docs.stackable.tech/home/nightly/secret-operator/secretclass).",
Attributes: map[string]schema.Attribute{
+ "listener_volumes": schema.ListAttribute{
+ Description: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ MarkdownDescription: "The listener volume scope allows Node and Service scopes to be inferred from the applicable listeners. This must correspond to Volume names in the Pod that mount Listeners.",
+ ElementType: types.StringType,
+ Required: false,
+ Optional: true,
+ Computed: false,
+ },
+
"node": schema.BoolAttribute{
Description: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
MarkdownDescription: "The node scope is resolved to the name of the Kubernetes Node object that the Pod is running on. This will typically be the DNS name of the node.",
@@ -964,10 +994,10 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
},
"host": schema.StringAttribute{
- Description: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- MarkdownDescription: "Hostname of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
- Required: false,
- Optional: true,
+ Description: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ MarkdownDescription: "Host of the S3 server without any protocol or port. For example: 'west1.my-cloud.com'.",
+ Required: true,
+ Optional: false,
Computed: false,
},
@@ -983,8 +1013,8 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
},
"tls": schema.SingleNestedAttribute{
- Description: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
- MarkdownDescription: "If you want to use TLS when talking to S3 you can enable TLS encrypted communication with this setting.",
+ Description: "Use a TLS connection. If not specified no TLS will be used.",
+ MarkdownDescription: "Use a TLS connection. If not specified no TLS will be used.",
Attributes: map[string]schema.Attribute{
"verification": schema.SingleNestedAttribute{
Description: "The verification method used to verify the certificates of the server and/or the client.",
@@ -1050,8 +1080,8 @@ func (r *TrinoStackableTechTrinoCatalogV1Alpha1Manifest) Schema(_ context.Contex
},
"reference": schema.StringAttribute{
- Description: "A reference to an S3Connection resource.",
- MarkdownDescription: "A reference to an S3Connection resource.",
+ Description: "",
+ MarkdownDescription: "",
Required: false,
Optional: true,
Computed: false,
diff --git a/internal/provider/trino_stackable_tech_v1alpha1/trino_stackable_tech_trino_cluster_v1alpha1_manifest.go b/internal/provider/trino_stackable_tech_v1alpha1/trino_stackable_tech_trino_cluster_v1alpha1_manifest.go
index 98ddc8d29..58588f64d 100644
--- a/internal/provider/trino_stackable_tech_v1alpha1/trino_stackable_tech_trino_cluster_v1alpha1_manifest.go
+++ b/internal/provider/trino_stackable_tech_v1alpha1/trino_stackable_tech_trino_cluster_v1alpha1_manifest.go
@@ -423,16 +423,16 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"authentication_class": schema.StringAttribute{
- Description: "A name/key which references an authentication class. To get the concrete ['AuthenticationClass'], we must resolve it. This resolution can be achieved by using ['ClientAuthenticationDetails::resolve_class'].",
- MarkdownDescription: "A name/key which references an authentication class. To get the concrete ['AuthenticationClass'], we must resolve it. This resolution can be achieved by using ['ClientAuthenticationDetails::resolve_class'].",
+ Description: "Name of the [AuthenticationClass](https://docs.stackable.tech/home/nightly/concepts/authentication) used to authenticate users.",
+ MarkdownDescription: "Name of the [AuthenticationClass](https://docs.stackable.tech/home/nightly/concepts/authentication) used to authenticate users.",
Required: true,
Optional: false,
Computed: false,
},
"oidc": schema.SingleNestedAttribute{
- Description: "This field contains authentication provider specific configuration. Use ['ClientAuthenticationDetails::oidc_or_error'] to get the value or report an error to the user.",
- MarkdownDescription: "This field contains authentication provider specific configuration. Use ['ClientAuthenticationDetails::oidc_or_error'] to get the value or report an error to the user.",
+ Description: "This field contains OIDC-specific configuration. It is only required in case OIDC is used.",
+ MarkdownDescription: "This field contains OIDC-specific configuration. It is only required in case OIDC is used.",
Attributes: map[string]schema.Attribute{
"client_credentials_secret": schema.StringAttribute{
Description: "A reference to the OIDC client credentials secret. The secret contains the client id and secret.",
@@ -649,8 +649,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -667,8 +667,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -676,8 +676,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -1055,8 +1055,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -1073,8 +1073,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -1082,8 +1082,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -1457,10 +1457,10 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
NestedObject: schema.NestedAttributeObject{
Attributes: map[string]schema.Attribute{
"name": schema.StringAttribute{
- Description: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- MarkdownDescription: "Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
- Required: false,
- Optional: true,
+ Description: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ MarkdownDescription: "Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names",
+ Required: true,
+ Optional: false,
Computed: false,
},
},
@@ -1516,8 +1516,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -1534,8 +1534,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -1543,8 +1543,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
@@ -1922,8 +1922,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.nodeAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -1940,8 +1940,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
@@ -1949,8 +1949,8 @@ func (r *TrinoStackableTechTrinoClusterV1Alpha1Manifest) Schema(_ context.Contex
Description: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
MarkdownDescription: "Same as the 'spec.affinity.podAntiAffinity' field on the Pod, see the [Kubernetes docs](https://kubernetes.io/docs/concepts/scheduling-eviction/assign-pod-node)",
ElementType: types.StringType,
- Required: true,
- Optional: false,
+ Required: false,
+ Optional: true,
Computed: false,
},
},
diff --git a/schemas/openapi_v2/kubernetes/kubernetes/swagger.json b/schemas/openapi_v2/kubernetes/kubernetes/swagger.json
index 4be71c478..fe48ff6d4 100644
--- a/schemas/openapi_v2/kubernetes/kubernetes/swagger.json
+++ b/schemas/openapi_v2/kubernetes/kubernetes/swagger.json
@@ -16686,7 +16686,7 @@
]
},
"io.k8s.api.storage.v1.VolumeAttachmentSource": {
- "description": "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistenVolumes can be attached via external attacher, in future we may allow also inline volumes in pods. Exactly one member can be set.",
+ "description": "VolumeAttachmentSource represents a volume that should be attached. Right now only PersistentVolumes can be attached via external attacher, in the future we may allow also inline volumes in pods. Exactly one member can be set.",
"properties": {
"inlineVolumeSpec": {
"$ref": "#/definitions/io.k8s.api.core.v1.PersistentVolumeSpec",